CVE-2025-25352

Name of the Vulnerable Software and Affected Versions: PHPGurukul Land Record System version 1.0

Description: A SQL Injection issue was found in the /admin/aboutus.php file, allowing remote attackers to execute arbitrary code via the pagetitle POST request parameter. This enables attackers to inject malicious SQL code, potentially leading to unauthorized access or data manipulation.

Recommendations: For PHPGurukul Land Record System version 1.0, consider disabling access to the /admin/aboutus.php file or restricting the use of the pagetitle parameter in the POST request until a patch is available. Additionally, ensure that all user input is properly sanitized and validated to prevent SQL injection attacks.