LOW🇬🇧 English

CVE-2025-7600

CVSS 2.1v4.0pub. 2025-07-14upd. 2026-04-29

A vulnerability, which was classified as critical, was found in PHPGurukul Online Library Management System 3.0. This affects an unknown part of the file /admin/student-history.php. The manipulation of the argument stdid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

oryginał EN
CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  • Phpgurukul Online Library Management System

    APP
    Phpgurukul
    3.0
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
SQLi
CWE
Referencje

Powiązane podatności

CVE-2025-57119CRITICAL9.8PL ✓ten sam produkt

Eskalacja uprawnień w Phpgurukul Online Library Management System v.3.0

CVE-2025-57118CRITICAL9.8PL ✓ten sam produkt

Eskalacja uprawnień w PHPGurukul Online Library Management System v3.0

CVE-2025-50488HIGH7.1ten sam produkt

Improper session invalidation in the component /library/change-password.php of PHPGurukul Online Library Manag...

CVE-2025-7601LOW2.0ten sam produkt

A vulnerability has been found in PHPGurukul Online Library Management System 3.0 and classified as problemati...

CVE-2025-2093LOW2.3ten sam produkt

A vulnerability was found in PHPGurukul Online Library Management System 3.0. It has been declared as problema...