CVE-2025-1906
CVE-2025-1906
Título es
CVE-2025-1906
Mar, 04/03/2025 – 05:15
Tipo
CWE-74
Gravedad v2.0
5.80
Gravedad 2.0 Txt
MEDIUM
Título en
CVE-2025-1906
Descripción en
A vulnerability has been found in PHPGurukul Restaurant Table Booking System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/profile.php. The manipulation of the argument mobilenumber leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
04/03/2025
04/03/2025
Vector CVSS:4.0
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Vector CVSS:3.1
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
Vector CVSS:2.0
AV:N/AC:L/Au:M/C:P/I:P/A:P
Gravedad 4.0
5.10
Gravedad 4.0 txt
MEDIUM
Gravedad 3.1 (CVSS 3.1 Base Score)
4.70
Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
MEDIUM
Referencias
https://github.com/HaroldFinch-L/CVE/issues/2
https://phpgurukul.com/
https://vuldb.com/?ctiid_298426=
https://vuldb.com/?id_298426=
https://vuldb.com/?submit_508915=
Enviar en el boletín
Off
