CVE-2025-7481

Name of the Vulnerable Software and Affected Versions: PHPGurukul Vehicle Parking Management System version 1.13

Description: A critical issue exists in PHPGurukul Vehicle Parking Management System version 1.13. The vulnerability is located in an unknown part of the /users/profile.php file. Manipulation of the firstname argument can lead to SQL injection. The attack can be initiated remotely, and the exploit has been publicly disclosed. Other parameters may also be affected.

Recommendations: Update to a newer version that contains a fix for this issue. As a temporary workaround, restrict access to the /users/profile.php file. Sanitize the firstname parameter to prevent SQL injection.