CVE-2025-4110

Name of the Vulnerable Software and Affected Versions PHPGurukul Pre-School Enrollment System version 1.0

Description A critical issue was found in the PHPGurukul Pre-School Enrollment System, affecting some unknown functionality of the file /admin/edit-teacher.php. The manipulation of the mobilenumber argument leads to SQL injection. This issue can be exploited remotely, and the exploit has been disclosed to the public. Other parameters might also be affected.

Recommendations For PHPGurukul Pre-School Enrollment System version 1.0, consider disabling the mobilenumber argument in the /admin/edit-teacher.php file as a temporary workaround to minimize the risk of SQL injection until a patch is available. Restrict access to the /admin/edit-teacher.php file to prevent remote exploitation.