PT-2025-29432 · Phpgurukul · Phpgurukul Online Fire Reporting System
F1Rstb100D
·
Published
2025-07-14
·
Updated
2025-07-14
·
CVE-2025-7582
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions:
PHPGurukul Online Fire Reporting System version 1.2
Description:
A critical issue exists in PHPGurukul Online Fire Reporting System 1.2. The vulnerability is due to SQL injection in an unknown part of the
/admin/assigned-requests.php file. Manipulation of the teamid argument allows for remote exploitation. The exploit has been publicly disclosed.Recommendations:
Address the SQL injection issue in the
/admin/assigned-requests.php file.
Sanitize or validate the teamid argument to prevent SQL injection attacks.Exploit
Fix
Special Elements Injection
SQL injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Phpgurukul Online Fire Reporting System