A vulnerability was found in PHPGurukul Online Fire Reporting System 1.2. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/profile.php. The manipulation of the argument mobilenumber leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
History

Fri, 06 Jun 2025 20:30:00 +0000

Type Values Removed Values Added
First Time appeared Phpgurukul
Phpgurukul online Fire Reporting System
CPEs cpe:2.3:a:phpgurukul:online_fire_reporting_system:1.2:*:*:*:*:*:*:*
Vendors & Products Phpgurukul
Phpgurukul online Fire Reporting System

Thu, 05 Jun 2025 14:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Wed, 04 Jun 2025 22:45:00 +0000

Type Values Removed Values Added
Description A vulnerability was found in PHPGurukul Online Fire Reporting System 1.2. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/profile.php. The manipulation of the argument mobilenumber leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
Title PHPGurukul Online Fire Reporting System profile.php sql injection
Weaknesses CWE-74
CWE-89
References
Metrics cvssV2_0

{'score': 6.5, 'vector': 'AV:N/AC:L/Au:S/C:P/I:P/A:P'}

cvssV3_0

{'score': 6.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L'}

cvssV3_1

{'score': 6.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L'}

cvssV4_0

{'score': 5.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published: 2025-06-04T22:31:06.500Z

Updated: 2025-06-05T13:16:16.476Z

Reserved: 2025-06-04T10:59:51.176Z

Link: CVE-2025-5616

cve-icon Vulnrichment

Updated: 2025-06-05T13:16:06.237Z

cve-icon NVD

Status : Analyzed

Published: 2025-06-04T23:15:21.700

Modified: 2025-06-06T20:10:46.310

Link: CVE-2025-5616

cve-icon Redhat

No data.