LOW🇵🇱 Wersja polska

CVE-2025-7600

CVSS 2.1v4.0pub. 2025-07-14upd. 2026-04-29

A vulnerability, which was classified as critical, was found in PHPGurukul Online Library Management System 3.0. This affects an unknown part of the file /admin/student-history.php. The manipulation of the argument stdid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  • Phpgurukul Online Library Management System

    APP
    Phpgurukul
    3.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
SQLi
CWE
References

Related vulnerabilities

CVE-2025-57119CRITICAL9.8PL ✓ten sam produkt

Eskalacja uprawnień w Phpgurukul Online Library Management System v.3.0

CVE-2025-57118CRITICAL9.8PL ✓ten sam produkt

Eskalacja uprawnień w PHPGurukul Online Library Management System v3.0

CVE-2025-50488HIGH7.1ten sam produkt

Improper session invalidation in the component /library/change-password.php of PHPGurukul Online Library Manag...

CVE-2025-7601LOW2.0ten sam produkt

A vulnerability has been found in PHPGurukul Online Library Management System 3.0 and classified as problemati...

CVE-2025-2093LOW2.3ten sam produkt

A vulnerability was found in PHPGurukul Online Library Management System 3.0. It has been declared as problema...