PT-2025-29341 · Phpgurukul · Phpgurukul User Registration & Login/User Management System

4M3Rr0R

Published

2025-07-12

Updated

2025-07-14

CVE-2025-7543

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions PHPGurukul User Registration & Login and User Management System version 3.3

Description A critical vulnerability exists in PHPGurukul User Registration & Login and User Management System 3.3. The issue is a SQL injection vulnerability located in an unknown part of the file /admin/manage-users.php. The manipulation of the ID argument allows for remote exploitation. The exploit has been publicly disclosed.

Recommendations For PHPGurukul User Registration & Login and User Management System version 3.3, restrict access to the /admin/manage-users.php file and sanitize the ID parameter to prevent SQL injection attacks.

Exploit

Fix

Special Elements Injection

SQL injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-74CWE-89

Related Identifiers

CVE-2025-7543

Affected Products

Phpgurukul User Registration & Login/User Management System

CVE-2025-7543

Weakness Enumeration

Related Identifiers

Affected Products

References · 12