CVE-2025-9829

Sažetak

A vulnerability was identified in PHPGurukul Beauty Parlour Management System 1.1. The impacted element is an unknown function of the file /signup.php. The manipulation of the argument mobilenumber leads to sql injection. Remote exploitation of the attack is possible. The exploit is publicly available and might be used. Other parameters might be affected as well.

Reference

https://github.com/dad-zm/myCVE/issues/4
https://phpgurukul.com/
https://vuldb.com/?ctiid.322176
https://vuldb.com/?id.322176
https://vuldb.com/?submit.641587
https://vuldb.com/?submit.641592
https://vuldb.com/?submit.641595
https://github.com/dad-zm/myCVE/issues/4

CVSS

Base:	7.5
Impact:	6.4
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

05-09-2025 - 18:03

Objavljeno

02-09-2025 - 19:15