PT-2025-28336 · Unknown · Phpgurukul/Campcodes Cyber Cafe Management System

·

CVE-2025-7165

·

Published

2025-07-08

·

Updated

2025-07-08

CVSS v3.1

9.8

Critical

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: PHPGurukul/Campcodes Cyber Cafe Management System version 1.0
Description: A critical issue affects an unknown functionality of the file /forgot-password.php. The manipulation of the email argument leads to SQL injection. This issue can be exploited remotely.
Recommendations: For PHPGurukul/Campcodes Cyber Cafe Management System version 1.0, consider disabling the /forgot-password.php file until a patch is available to prevent SQL injection attacks by manipulating the email argument. Restrict access to this file to minimize the risk of exploitation.

Exploit

Fix

Special Elements Injection

SQL injection

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2025-7165

Affected Products

Phpgurukul/Campcodes Cyber Cafe Management System