CVE-2025-2684

Name of the Vulnerable Software and Affected Versions PHPGurukul Bank Locker Management System version 1.0

Description A critical vulnerability has been found in the PHPGurukul Bank Locker Management System. This issue affects some unknown processing of the file /search-report-details.php. The manipulation of the argument searchinput leads to SQL injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Recommendations For PHPGurukul Bank Locker Management System version 1.0, as a temporary workaround, consider restricting access to the /search-report-details.php file until a patch is available. Avoid using the searchinput argument in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.