CVE-2025-25356

Name of the Vulnerable Software and Affected Versions: PHPGurukul Land Record System version 1.0

Description: A SQL Injection issue was found in the /admin/bwdates-reports-details.php file, allowing remote attackers to execute arbitrary code via the todate POST request parameter.

Recommendations: For PHPGurukul Land Record System version 1.0, consider disabling access to the /admin/bwdates-reports-details.php file until a patch is available, and restrict the use of the todate parameter in the affected POST request to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.