SQL Injection Vulnerability in PHPGurukul Old Age Home Management System
CVE-2025-3351

6.9MEDIUM

Key Information:

Vendor: PHPgurukul
Status: Old Age Home Management System
Vendor: CVE Published:; 7 April 2025

Badges

👾 Exploit Exists

What is CVE-2025-3351?

A significant SQL injection vulnerability exists in the login.php file of PHPGurukul's Old Age Home Management System version 1.0. This vulnerability allows unauthorized manipulation of the 'Username' parameter, enabling remote attackers to execute arbitrary SQL queries. The risk associated with this vulnerability has been publicly disclosed, creating an urgent need for affected users to apply available mitigations and ensure the integrity of their systems.

Affected Version(s)

Old Age Home Management System 1.0

References

https://vuldb.com/?id.303565

vdb-entrytechnical-description

https://vuldb.com/?ctiid.303565

signaturepermissions-required

https://vuldb.com/?submit.552130

third-party-advisory

CVSS V4

Score:

6.9

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

👾
Exploit known to exist
Apr 7, 2025
Vulnerability published
Apr 7, 2025
Vulnerability Reserved
Apr 6, 2025

Credit

n0name (VulDB User)

PHPgurukul