CVE-2025-25388

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Feb 13, 2025

CWE ID 89

Summary

CVE-2025-25388 is a SQL Injection vulnerability impacting the PHPGurukul Land Record System v1.0. The issue lies in the /admin/edit-propertytype.php file, where the editid parameter in GET requests is susceptible to attack. Malicious actors can exploit this flaw to execute arbitrary code remotely. This vulnerability poses a significant risk and requires immediate attention from system administrators to mitigate and apply patches to affected installations.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Phpgurukul Land Record System

Affected Vendors

Phpgurukul

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/3IDi6d
https://www.cve.org/CVERecord?id=CVE-2025-25388
https://nvd.nist.gov/vuln/detail/CVE-2025-25388

Back to Vulnerability Database