CVE-2025-1901
CVE-2025-1901
Título es
CVE-2025-1901
Mar, 04/03/2025 – 04:15
Tipo
CWE-74
Gravedad v2.0
7.50
Gravedad 2.0 Txt
HIGH
Título en
CVE-2025-1901
Descripción en
A vulnerability was found in PHPGurukul Restaurant Table Booking System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/check_availability.php. The manipulation of the argument username leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
04/03/2025
04/03/2025
Vector CVSS:4.0
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Vector CVSS:3.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Vector CVSS:2.0
AV:N/AC:L/Au:N/C:P/I:P/A:P
Gravedad 4.0
6.90
Gravedad 4.0 txt
MEDIUM
Gravedad 3.1 (CVSS 3.1 Base Score)
7.30
Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
HIGH
Referencias
https://github.com/chenzi-dynasty/CVE/issues/1
https://phpgurukul.com/
https://vuldb.com/?ctiid_298419=
https://vuldb.com/?id_298419=
https://vuldb.com/?submit_506612=
Enviar en el boletín
Off
