CVE-2025-7604

Name of the Vulnerable Software and Affected Versions: PHPGurukul Hospital Management System version 4.0

Description: A vulnerability exists in PHPGurukul Hospital Management System 4.0 related to SQL injection. The issue is located in the /user-login.php file, where manipulation of the Username argument can lead to exploitation. The attack can be launched remotely, and the exploit has been publicly disclosed.

Recommendations: As a temporary workaround, consider restricting access to the /user-login.php file until a patch is available. Sanitize the Username input to prevent SQL injection attacks.