Cross-Site Request Forgery Vulnerability in PHPGurukul Car Rental Portal
CVE-2025-6284

5.3MEDIUM

Key Information:

Vendor: PHPgurukul
Status: Car Rental Portal
Vendor: CVE Published:; 19 June 2025

What is CVE-2025-6284?

A vulnerability has been identified in PHPGurukul's Car Rental Portal version 3.0, which allows attackers to perform unauthorized actions on behalf of legitimate users through cross-site request forgery. This exploit can be executed remotely, posing significant risks to user data and system integrity. Mitigations should be implemented to safeguard against potential attacks leveraging this weakness.

Affected Version(s)

Car Rental Portal 3.0

References

https://vuldb.com/?id.313288

vdb-entry

https://vuldb.com/?ctiid.313288

signaturepermissions-required

https://vuldb.com/?submit.593775

third-party-advisory

CVSS V4

Score:

5.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 19, 2025
Vulnerability Reserved
Jun 19, 2025

Credit

MUHAMMED FAVAS (VulDB User)

PHPgurukul

What is CVE-2025-6284?

Affected Version(s)

References

CVSS V4

Timeline

Credit