{"id":6534,"date":"2025-06-06T11:09:17","date_gmt":"2025-06-06T11:09:17","guid":{"rendered":"http:\/\/localhost\/?p=6534"},"modified":"2025-06-06T11:09:17","modified_gmt":"2025-06-06T11:09:17","slug":"phpgurukul-employee-record-management-system-resetpasswordphp-sql-injection","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=6534","title":{"rendered":"PHPGurukul Employee Record Management System resetpassword.php sql injection"},"content":{"rendered":"
\n

CVE Details<\/h2>\n
\n
\n

Basic Information<\/h3>\n\n\n\n\n\n
Title<\/th>\nPHPGurukul Employee Record Management System resetpassword.php sql injection<\/td>\n<\/tr>\n
Type<\/th>\ncve<\/td>\n<\/tr>\n
Published<\/th>\n2025-06-06T15:00:20.561Z<\/td>\n<\/tr>\n
Last Seen<\/th>\n<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

Product Information<\/h3>\n\n\n\n\n
Vendor<\/th>\nPHPGurukul<\/td>\n<\/tr>\n
Product<\/th>\nEmployee Record Management System<\/td>\n<\/tr>\n
Version<\/th>\n1.3<\/td>\n<\/tr>\n<\/table>\n<\/div>\n<\/div>\n
\n

CVSS Information<\/h3>\n\n\n\n\n\n\n
Base Score<\/th>\n5.3 (MEDIUM)<\/td>\n<\/tr>\n
Attack Vector<\/th>\nCVSS:4.0\/AV:N\/AC:L\/AT:N\/PR:L\/UI:N\/VC:L\/VI:L\/VA:L\/SC:N\/SI:N\/SA:N\/E:P<\/td>\n<\/tr>\n
Confidentiality Impact<\/th>\n<\/td>\n<\/tr>\n
Integrity Impact<\/th>\n<\/td>\n<\/tr>\n
Availability Impact<\/th>\n<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

AI Analysis<\/h3>\n\n\n\n\n\n\n
AI Description<\/th>\nA SQL injection vulnerability was discovered in PHPGurukul Employee Record Management System version 1.3. This vulnerability affects the resetpassword.php file and can be exploited remotely by manipulating the newpassword argument. The exploit is publicly disclosed, posing a potential risk to users.<\/td>\n<\/tr>\n
AI Severity<\/th>\nMedium<\/td>\n<\/tr>\n
Vendor<\/th>\nPHPGurukul<\/td>\n<\/tr>\n
Product<\/th>\nEmployee Record Management System<\/td>\n<\/tr>\n
Affected Version<\/th>\n1.3<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

Affected Products<\/h4>\n