PT-2025-30752 · Phpgurukul · Phpgurukul User Management+1
Anhtrankma
·
Published
2025-07-25
·
Updated
2025-07-25
·
CVE-2025-8156
CVSS v3.1
7.2
High
| Vector | AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
PHPGurukul User Registration & Login and User Management version 3.3
Description
A critical issue exists in PHPGurukul User Registration & Login and User Management. The vulnerability is due to SQL injection in the
/admin/lastsevendays-reg-users.php file, specifically through manipulation of the ID argument. This allows for remote exploitation. The exploit has been publicly disclosed.Recommendations
Versions prior to 3.3 should be used.
Exploit
Fix
Special Elements Injection
SQL injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Phpgurukul User Management
Phpgurukul User Registration & Login