SQL Injection Vulnerability in phpgurukul Complaint Management System by phpgurukul
CVE-2025-57146

8.1 HIGH

Key Information:

Vendor: phpgurukul
CVE Published: 3 September 2025

What is CVE-2025-57146?

The phpgurukul Complaint Management System version 2.0 contains a SQL injection vulnerability in the user/reset-password.php file. An attacker can use the mobileno parameter to execute arbitrary SQL queries, which may lead to unauthorized access to sensitive data. Users of this software should understand the implications of this vulnerability and implement the necessary security measures to safeguard their applications.

CVSS V3.1

Score: 8.1
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
