6 matches found
CVE-2025-4004
A vulnerability was found in PHPGurukul COVID19 Testing Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /password-recovery.php. The manipulation of the argument username/contactno leads to sql injection. The attack can be initiated...
CVE-2025-4004
creationtimestamp| type| source ---|---|--- 2025-04-28 09:41:02+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lnuhxjx6wf2y 2025-04-28 09:52:49+00:00| seen| https://t.me/cvedetector/23885 2025-05-02 11:15:33+00:00| published-proof-of-concept|...
CVE-2025-4004
A vulnerability was found in PHPGurukul COVID19 Testing Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /password-recovery.php. The manipulation of the argument username/contactno leads to sql injection. The attack can be initiated...
CVE-2025-4004 PHPGurukul COVID19 Testing Management System password-recovery.php sql injection
A vulnerability was found in PHPGurukul COVID19 Testing Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /password-recovery.php. The manipulation of the argument username/contactno leads to sql injection. The attack can be initiated...
CVE-2025-4004
Summary (CVE-2025-4004): PHPGurukul COVID19 Testing Management System 1.0 has a SQL injection in /password-recovery.php when manipulating the contactno (and also username) parameter due to incomplete input validation. Exploitation is feasible remotely and has been disclosed. Evidence from multipl...
CVE-2025-4004 PHPGurukul COVID19 Testing Management System password-recovery.php sql injection
A vulnerability was found in PHPGurukul COVID19 Testing Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /password-recovery.php. The manipulation of the argument username/contactno leads to sql injection. The attack can be initiated...