{"id":7066,"date":"2025-06-20T05:39:21","date_gmt":"2025-06-20T05:39:21","guid":{"rendered":"http:\/\/localhost\/?p=7066"},"modified":"2025-06-20T05:39:21","modified_gmt":"2025-06-20T05:39:21","slug":"phpgurukul-directory-management-system-searchdataphp-sql-injection","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=7066","title":{"rendered":"PHPGurukul Directory Management System searchdata.php sql injection"},"content":{"rendered":"
\n

CVE Details<\/h2>\n
\n
\n

Basic Information<\/h3>\n\n\n\n\n\n
Title<\/th>\nPHPGurukul Directory Management System searchdata.php sql injection<\/td>\n<\/tr>\n
Type<\/th>\ncve<\/td>\n<\/tr>\n
Published<\/th>\n2025-06-20T10:00:11.793Z<\/td>\n<\/tr>\n
Last Seen<\/th>\n<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

Product Information<\/h3>\n\n\n\n\n
Vendor<\/th>\nPHPGurukul<\/td>\n<\/tr>\n
Product<\/th>\nDirectory Management System<\/td>\n<\/tr>\n
Version<\/th>\n1.0<\/td>\n<\/tr>\n<\/table>\n<\/div>\n<\/div>\n
\n

CVSS Information<\/h3>\n\n\n\n\n\n\n
Base Score<\/th>\n6.9 (MEDIUM)<\/td>\n<\/tr>\n
Attack Vector<\/th>\nCVSS:4.0\/AV:N\/AC:L\/AT:N\/PR:N\/UI:N\/VC:L\/VI:L\/VA:L\/SC:N\/SI:N\/SA:N\/E:P<\/td>\n<\/tr>\n
Confidentiality Impact<\/th>\n<\/td>\n<\/tr>\n
Integrity Impact<\/th>\n<\/td>\n<\/tr>\n
Availability Impact<\/th>\n<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

AI Analysis<\/h3>\n\n\n\n\n\n\n
AI Description<\/th>\nA critical SQL injection vulnerability exists in PHPGurukul Directory Management System 1.0. The vulnerability is in the searchdata parameter of searchdata.php, allowing remote attackers to inject SQL code. This can lead to unauthorized access and data manipulation. The exploit is publicly known and could be widely used.<\/td>\n<\/tr>\n
AI Severity<\/th>\nMedium<\/td>\n<\/tr>\n
Vendor<\/th>\nPHPGurukul<\/td>\n<\/tr>\n
Product<\/th>\nDirectory Management System<\/td>\n<\/tr>\n
Affected Version<\/th>\n1.0<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

Affected Products<\/h4>\n