{"id":6431,"date":"2025-06-05T08:34:13","date_gmt":"2025-06-05T08:34:13","guid":{"rendered":"http:\/\/localhost\/?p=6431"},"modified":"2025-06-05T08:34:13","modified_gmt":"2025-06-05T08:34:13","slug":"phpgurukul-complaint-management-system-updatecomplaintphp-sql-injection","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=6431","title":{"rendered":"PHPGurukul Complaint Management System updatecomplaint.php sql injection"},"content":{"rendered":"
\n

CVE Details<\/h2>\n
\n
\n

Basic Information<\/h3>\n\n\n\n\n\n
Title<\/th>\nPHPGurukul Complaint Management System updatecomplaint.php sql injection<\/td>\n<\/tr>\n
Type<\/th>\ncve<\/td>\n<\/tr>\n
Published<\/th>\n2025-06-05T12:31:07.351Z<\/td>\n<\/tr>\n
Last Seen<\/th>\n<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

Product Information<\/h3>\n\n\n\n\n
Vendor<\/th>\nPHPGurukul<\/td>\n<\/tr>\n
Product<\/th>\nComplaint Management System<\/td>\n<\/tr>\n
Version<\/th>\n2.0<\/td>\n<\/tr>\n<\/table>\n<\/div>\n<\/div>\n
\n

CVSS Information<\/h3>\n\n\n\n\n\n\n
Base Score<\/th>\n5.3 (MEDIUM)<\/td>\n<\/tr>\n
Attack Vector<\/th>\nCVSS:4.0\/AV:N\/AC:L\/AT:N\/PR:L\/UI:N\/VC:L\/VI:L\/VA:L\/SC:N\/SI:N\/SA:N<\/td>\n<\/tr>\n
Confidentiality Impact<\/th>\n<\/td>\n<\/tr>\n
Integrity Impact<\/th>\n<\/td>\n<\/tr>\n
Availability Impact<\/th>\n<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

AI Analysis<\/h3>\n\n\n\n\n\n\n
AI Description<\/th>\nA critical SQL injection vulnerability exists in PHPGurukul’s Complaint Management System 2.0, allowing remote attackers to inject malicious SQL code via the Status argument in updatecomplaint.php. This could lead to unauthorized data access or modification. The exploit is publicly available, increasing the risk of exploitation.<\/td>\n<\/tr>\n
AI Severity<\/th>\nMedium<\/td>\n<\/tr>\n
Vendor<\/th>\nPHPGurukul<\/td>\n<\/tr>\n
Product<\/th>\nComplaint Management System<\/td>\n<\/tr>\n
Affected Version<\/th>\n2.0<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

Affected Products<\/h4>\n