Path Traversal Vulnerability in PHPGurukul Online Nurse Hiring System
CVE-2025-1588

6.9MEDIUM

Key Information:

Vendor

PHPgurukul
Status
Online Nurse Hiring System
Vendor
CVE Published:
23 February 2025

Badges

๐Ÿ‘พ Exploit Exists

What is CVE-2025-1588?

The PHPGurukul Online Nurse Hiring System 1.0 is vulnerable to path traversal attacks due to improper validation of input parameters in the /admin/manage-nurse.php file. An attacker can exploit this vulnerability remotely by manipulating the profilepic argument, allowing access to restricted directories such as '../filedir'. This can lead to unauthorized file access and potential data leakage. Awareness of this vulnerability is crucial for users of the system to implement necessary security measures.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Online Nurse Hiring System 1.0

References

https://vuldb.com/?id.296572
vdb-entrytechnical-description
https://vuldb.com/?ctiid.296572
signaturepermissions-required
https://vuldb.com/?submit.505441
third-party-advisory

CVSS V4

Score:
6.9
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • ๐Ÿ‘พ

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

JSON
.