All the vulnerabilites related to PHPGurukul - Nipah Virus Testing Management System
cve-2025-1580
Vulnerability from cvelistv5
Published
2025-02-23 10:00
Modified
2025-02-24 12:11
Severity ?
5.3 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
6.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
6.3 (Medium) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
6.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
6.3 (Medium) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
EPSS score ?
Summary
PHPGurukul Nipah Virus Testing Management System search-report-result.php sql injection
References
| ▼ | URL | Tags |
|---|---|---|
| https://vuldb.com/?id.296556 | vdb-entry, technical-description | |
| https://vuldb.com/?ctiid.296556 | signature, permissions-required | |
| https://vuldb.com/?submit.504234 | third-party-advisory | |
| https://github.com/wqywfvc/CVE/issues/5 | exploit, issue-tracking | |
| https://phpgurukul.com/ | product |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| PHPGurukul | Nipah Virus Testing Management System |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-1580",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-24T12:11:19.270063Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-24T12:11:30.756Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Nipah Virus Testing Management System",
"vendor": "PHPGurukul",
"versions": [
{
"status": "affected",
"version": "1.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "0x0A1lha (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in PHPGurukul Nipah Virus Testing Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /search-report-result.php. The manipulation of the argument searchdata leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The initial researcher advisory mentions contradicting parameter names to be affected."
},
{
"lang": "de",
"value": "Es wurde eine kritische Schwachstelle in PHPGurukul Nipah Virus Testing Management System 1.0 ausgemacht. Hiervon betroffen ist ein unbekannter Codeblock der Datei /search-report-result.php. Durch das Manipulieren des Arguments searchdata mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk angegangen werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "SQL Injection",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-23T10:00:11.420Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-296556 | PHPGurukul Nipah Virus Testing Management System search-report-result.php sql injection",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.296556"
},
{
"name": "VDB-296556 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.296556"
},
{
"name": "Submit #504234 | PHPGurukul Niv-tms project V1.0 SQL Injection",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.504234"
},
{
"tags": [
"exploit",
"issue-tracking"
],
"url": "https://github.com/wqywfvc/CVE/issues/5"
},
{
"tags": [
"product"
],
"url": "https://phpgurukul.com/"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-02-22T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-02-22T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-02-22T12:19:08.000Z",
"value": "VulDB entry last update"
}
],
"title": "PHPGurukul Nipah Virus Testing Management System search-report-result.php sql injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-1580",
"datePublished": "2025-02-23T10:00:11.420Z",
"dateReserved": "2025-02-22T11:14:04.923Z",
"dateUpdated": "2025-02-24T12:11:30.756Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-6297
Vulnerability from cvelistv5
Published
2023-11-26 22:31
Modified
2024-08-02 08:28
Severity ?
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
4.3 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
4.3 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
EPSS score ?
Summary
PHPGurukul Nipah Virus Testing Management System Search Report Page patient-search-report.php cross site scripting
References
| ▼ | URL | Tags |
|---|---|---|
| https://vuldb.com/?id.246123 | vdb-entry, technical-description | |
| https://vuldb.com/?ctiid.246123 | signature, permissions-required | |
| https://github.com/dhabaleshwar/niv_testing_rxss/blob/main/exploit.md | exploit |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| PHPGurukul | Nipah Virus Testing Management System |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:28:21.541Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://vuldb.com/?id.246123"
},
{
"tags": [
"signature",
"permissions-required",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.246123"
},
{
"tags": [
"exploit",
"x_transferred"
],
"url": "https://github.com/dhabaleshwar/niv_testing_rxss/blob/main/exploit.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"modules": [
"Search Report Page"
],
"product": "Nipah Virus Testing Management System",
"vendor": "PHPGurukul",
"versions": [
{
"status": "affected",
"version": "1.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "analyst",
"value": "dhabaleshwar (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as problematic has been found in PHPGurukul Nipah Virus Testing Management System 1.0. This affects an unknown part of the file patient-search-report.php of the component Search Report Page. The manipulation of the argument Search By Patient Name with the input \u003cscript\u003ealert(document.cookie)\u003c/script\u003e leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-246123."
},
{
"lang": "de",
"value": "Es wurde eine Schwachstelle in PHPGurukul Nipah Virus Testing Management System 1.0 entdeckt. Sie wurde als problematisch eingestuft. Dabei betrifft es einen unbekannter Codeteil der Datei patient-search-report.php der Komponente Search Report Page. Durch das Beeinflussen des Arguments Search By Patient Name mit der Eingabe \u003cscript\u003ealert(document.cookie)\u003c/script\u003e mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 5,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Cross Site Scripting",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-26T22:31:04.240Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.246123"
},
{
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.246123"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/dhabaleshwar/niv_testing_rxss/blob/main/exploit.md"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-11-26T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2023-11-26T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2023-11-26T08:26:19.000Z",
"value": "VulDB entry last update"
}
],
"title": "PHPGurukul Nipah Virus Testing Management System Search Report Page patient-search-report.php cross site scripting"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2023-6297",
"datePublished": "2023-11-26T22:31:04.240Z",
"dateReserved": "2023-11-26T07:21:11.672Z",
"dateUpdated": "2024-08-02T08:28:21.541Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-6474
Vulnerability from cvelistv5
Published
2023-12-02 23:31
Modified
2024-08-02 08:28
Severity ?
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
4.3 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
4.3 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
EPSS score ?
Summary
PHPGurukul Nipah Virus Testing Management System manage-phlebotomist.php cross-site request forgery
References
| ▼ | URL | Tags |
|---|---|---|
| https://vuldb.com/?id.246640 | vdb-entry, technical-description | |
| https://vuldb.com/?ctiid.246640 | signature, permissions-required | |
| https://github.com/dhabaleshwar/niv_testing_csrf/blob/main/exploit.md | exploit |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| PHPGurukul | Nipah Virus Testing Management System |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:28:21.855Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://vuldb.com/?id.246640"
},
{
"tags": [
"signature",
"permissions-required",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.246640"
},
{
"tags": [
"exploit",
"x_transferred"
],
"url": "https://github.com/dhabaleshwar/niv_testing_csrf/blob/main/exploit.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Nipah Virus Testing Management System",
"vendor": "PHPGurukul",
"versions": [
{
"status": "affected",
"version": "1.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "analyst",
"value": "dhabaleshwar (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in PHPGurukul Nipah Virus Testing Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file manage-phlebotomist.php. The manipulation of the argument pid leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-246640."
},
{
"lang": "de",
"value": "In PHPGurukul Nipah Virus Testing Management System 1.0 wurde eine problematische Schwachstelle gefunden. Es geht um eine nicht n\u00e4her bekannte Funktion der Datei manage-phlebotomist.php. Durch das Beeinflussen des Arguments pid mit unbekannten Daten kann eine cross-site request forgery-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 5,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352 Cross-Site Request Forgery",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-02T23:31:04.514Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.246640"
},
{
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.246640"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/dhabaleshwar/niv_testing_csrf/blob/main/exploit.md"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-12-02T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2023-12-02T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2023-12-02T08:39:43.000Z",
"value": "VulDB entry last update"
}
],
"title": "PHPGurukul Nipah Virus Testing Management System manage-phlebotomist.php cross-site request forgery"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2023-6474",
"datePublished": "2023-12-02T23:31:04.514Z",
"dateReserved": "2023-12-02T07:34:35.254Z",
"dateUpdated": "2024-08-02T08:28:21.855Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-6648
Vulnerability from cvelistv5
Published
2023-12-10 08:31
Modified
2025-02-22 11:12
Severity ?
6.9 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
7.3 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
7.3 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
7.3 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
7.3 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
EPSS score ?
Summary
PHPGurukul Nipah Virus Testing Management System password-recovery.php sql injection
References
| ▼ | URL | Tags |
|---|---|---|
| https://vuldb.com/?id.247341 | vdb-entry, technical-description | |
| https://vuldb.com/?ctiid.247341 | signature, permissions-required | |
| https://vuldb.com/?submit.246745 | third-party-advisory | |
| https://github.com/dhabaleshwar/niv_testing_sqliforgotpassword/blob/main/exploit.md | exploit | |
| https://phpgurukul.com/ | product |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| PHPGurukul | Nipah Virus Testing Management System |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:35:15.000Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://vuldb.com/?id.247341"
},
{
"tags": [
"signature",
"permissions-required",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.247341"
},
{
"tags": [
"exploit",
"x_transferred"
],
"url": "https://github.com/dhabaleshwar/niv_testing_sqliforgotpassword/blob/main/exploit.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Nipah Virus Testing Management System",
"vendor": "PHPGurukul",
"versions": [
{
"status": "affected",
"version": "1.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "dhabaleshwar (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, was found in PHPGurukul Nipah Virus Testing Management System 1.0. This affects an unknown part of the file password-recovery.php. The manipulation of the argument username/contactno leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "de",
"value": "Es wurde eine kritische Schwachstelle in PHPGurukul Nipah Virus Testing Management System 1.0 gefunden. Hiervon betroffen ist ein unbekannter Codeblock der Datei password-recovery.php. Mittels Manipulieren des Arguments username/contactno mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk angegangen werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 7.5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "SQL Injection",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-22T11:12:20.271Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-247341 | PHPGurukul Nipah Virus Testing Management System password-recovery.php sql injection",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.247341"
},
{
"name": "VDB-247341 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.247341"
},
{
"name": "Submit #246745 | PHPGurukul Nipah Virus Testing Management System 1.0 SQL Injection",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.246745"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/dhabaleshwar/niv_testing_sqliforgotpassword/blob/main/exploit.md"
},
{
"tags": [
"product"
],
"url": "https://phpgurukul.com/"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-12-09T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2023-12-09T00:00:00.000Z",
"value": "CVE reserved"
},
{
"lang": "en",
"time": "2023-12-09T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-02-22T12:17:11.000Z",
"value": "VulDB entry last update"
}
],
"title": "PHPGurukul Nipah Virus Testing Management System password-recovery.php sql injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2023-6648",
"datePublished": "2023-12-10T08:31:03.969Z",
"dateReserved": "2023-12-09T17:06:21.079Z",
"dateUpdated": "2025-02-22T11:12:20.271Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2025-4033
Vulnerability from cvelistv5
Published
2025-04-28 19:00
Modified
2025-04-28 19:50
Severity ?
6.9 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
7.3 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
7.3 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
7.3 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
7.3 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
EPSS score ?
Summary
PHPGurukul Nipah Virus Testing Management System patient-search-report.php sql injection
References
| ▼ | URL | Tags |
|---|---|---|
| https://vuldb.com/?id.306396 | vdb-entry, technical-description | |
| https://vuldb.com/?ctiid.306396 | signature, permissions-required | |
| https://vuldb.com/?submit.559239 | third-party-advisory | |
| https://github.com/bluechips-zhao/myCVE/issues/2 | exploit, issue-tracking | |
| https://phpgurukul.com/ | product |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| PHPGurukul | Nipah Virus Testing Management System |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-4033",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-28T19:50:39.228469Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-28T19:50:50.468Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Nipah Virus Testing Management System",
"vendor": "PHPGurukul",
"versions": [
{
"status": "affected",
"version": "1.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "bluechips (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical has been found in PHPGurukul Nipah Virus Testing Management System 1.0. Affected is an unknown function of the file /patient-search-report.php. The manipulation of the argument searchdata leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "de",
"value": "Es wurde eine kritische Schwachstelle in PHPGurukul Nipah Virus Testing Management System 1.0 entdeckt. Hiervon betroffen ist ein unbekannter Codeblock der Datei /patient-search-report.php. Mit der Manipulation des Arguments searchdata mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk angegangen werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 7.5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "SQL Injection",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-28T19:00:06.946Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-306396 | PHPGurukul Nipah Virus Testing Management System patient-search-report.php sql injection",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.306396"
},
{
"name": "VDB-306396 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.306396"
},
{
"name": "Submit #559239 | phpgurukul Nipah virus (NiV) \u2013 Testing Management System V1.0 SQL Injection",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.559239"
},
{
"tags": [
"exploit",
"issue-tracking"
],
"url": "https://github.com/bluechips-zhao/myCVE/issues/2"
},
{
"tags": [
"product"
],
"url": "https://phpgurukul.com/"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-04-28T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-04-28T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-04-28T08:02:28.000Z",
"value": "VulDB entry last update"
}
],
"title": "PHPGurukul Nipah Virus Testing Management System patient-search-report.php sql injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-4033",
"datePublished": "2025-04-28T19:00:06.946Z",
"dateReserved": "2025-04-28T05:57:24.820Z",
"dateUpdated": "2025-04-28T19:50:50.468Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-6465
Vulnerability from cvelistv5
Published
2023-12-02 12:00
Modified
2024-11-21 15:29
Severity ?
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
4.3 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
4.3 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
EPSS score ?
Summary
PHPGurukul Nipah Virus Testing Management System registered-user-testing.php cross site scripting
References
| ▼ | URL | Tags |
|---|---|---|
| https://vuldb.com/?id.246615 | vdb-entry, technical-description | |
| https://vuldb.com/?ctiid.246615 | signature, permissions-required | |
| https://github.com/dhabaleshwar/niv_testing_reflectedxss/blob/main/exploit.md | exploit |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| PHPGurukul | Nipah Virus Testing Management System |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:28:21.796Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://vuldb.com/?id.246615"
},
{
"tags": [
"signature",
"permissions-required",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.246615"
},
{
"tags": [
"exploit",
"x_transferred"
],
"url": "https://github.com/dhabaleshwar/niv_testing_reflectedxss/blob/main/exploit.md"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-6465",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2023-12-06T15:54:18.906087Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-21T15:29:00.434Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Nipah Virus Testing Management System",
"vendor": "PHPGurukul",
"versions": [
{
"status": "affected",
"version": "1.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "analyst",
"value": "dhabaleshwar (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in PHPGurukul Nipah Virus Testing Management System 1.0. It has been classified as problematic. This affects an unknown part of the file registered-user-testing.php. The manipulation of the argument regmobilenumber leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-246615."
},
{
"lang": "de",
"value": "Es wurde eine Schwachstelle in PHPGurukul Nipah Virus Testing Management System 1.0 ausgemacht. Sie wurde als problematisch eingestuft. Es betrifft eine unbekannte Funktion der Datei registered-user-testing.php. Mittels Manipulieren des Arguments regmobilenumber mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 5,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Cross Site Scripting",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-02T12:00:07.228Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.246615"
},
{
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.246615"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/dhabaleshwar/niv_testing_reflectedxss/blob/main/exploit.md"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-12-01T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2023-12-01T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2023-12-01T17:14:29.000Z",
"value": "VulDB entry last update"
}
],
"title": "PHPGurukul Nipah Virus Testing Management System registered-user-testing.php cross site scripting"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2023-6465",
"datePublished": "2023-12-02T12:00:07.228Z",
"dateReserved": "2023-12-01T16:09:13.483Z",
"dateUpdated": "2024-11-21T15:29:00.434Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2025-1857
Vulnerability from cvelistv5
Published
2025-03-03 08:00
Modified
2025-03-03 14:19
Severity ?
6.9 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
7.3 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
7.3 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
7.3 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
7.3 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
EPSS score ?
Summary
PHPGurukul Nipah Virus Testing Management System check_availability.php sql injection
References
| ▼ | URL | Tags |
|---|---|---|
| https://vuldb.com/?id.298125 | vdb-entry, technical-description | |
| https://vuldb.com/?ctiid.298125 | signature, permissions-required | |
| https://vuldb.com/?submit.506120 | third-party-advisory | |
| https://github.com/panghuanjie/Code-audits/issues/1 | exploit, issue-tracking | |
| https://phpgurukul.com/ | product |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| PHPGurukul | Nipah Virus Testing Management System |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-1857",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-03T14:18:04.457304Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-03T14:19:21.115Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Nipah Virus Testing Management System",
"vendor": "PHPGurukul",
"versions": [
{
"status": "affected",
"version": "1.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "panghuanjie66 (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical has been found in PHPGurukul Nipah Virus Testing Management System 1.0. This affects an unknown part of the file /check_availability.php. The manipulation of the argument employeeid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "de",
"value": "Es wurde eine Schwachstelle in PHPGurukul Nipah Virus Testing Management System 1.0 entdeckt. Sie wurde als kritisch eingestuft. Es betrifft eine unbekannte Funktion der Datei /check_availability.php. Durch die Manipulation des Arguments employeeid mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 7.5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "SQL Injection",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-03T08:00:09.167Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-298125 | PHPGurukul Nipah Virus Testing Management System check_availability.php sql injection",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.298125"
},
{
"name": "VDB-298125 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.298125"
},
{
"name": "Submit #506120 | PHPGurukul Nipah Virus Testing Management System V1.0 SQL Injection",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.506120"
},
{
"tags": [
"exploit",
"issue-tracking"
],
"url": "https://github.com/panghuanjie/Code-audits/issues/1"
},
{
"tags": [
"product"
],
"url": "https://phpgurukul.com/"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-03-02T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-03-02T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-03-02T21:29:25.000Z",
"value": "VulDB entry last update"
}
],
"title": "PHPGurukul Nipah Virus Testing Management System check_availability.php sql injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-1857",
"datePublished": "2025-03-03T08:00:09.167Z",
"dateReserved": "2025-03-02T20:24:22.745Z",
"dateUpdated": "2025-03-03T14:19:21.115Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-6442
Vulnerability from cvelistv5
Published
2023-11-30 21:00
Modified
2024-10-10 20:18
Severity ?
3.5 (Low) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N
3.5 (Low) - CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N
3.5 (Low) - CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N
EPSS score ?
Summary
PHPGurukul Nipah Virus Testing Management System add-phlebotomist.php cross site scripting
References
| ▼ | URL | Tags |
|---|---|---|
| https://vuldb.com/?id.246445 | vdb-entry, technical-description | |
| https://vuldb.com/?ctiid.246445 | signature, permissions-required | |
| https://github.com/dhabaleshwar/niv_testing_sxss/blob/main/exploit.md | exploit |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| PHPGurukul | Nipah Virus Testing Management System |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:28:21.936Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://vuldb.com/?id.246445"
},
{
"tags": [
"signature",
"permissions-required",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.246445"
},
{
"tags": [
"exploit",
"x_transferred"
],
"url": "https://github.com/dhabaleshwar/niv_testing_sxss/blob/main/exploit.md"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-6442",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-01-09T20:15:50.429161Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-10T20:18:22.307Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Nipah Virus Testing Management System",
"vendor": "PHPGurukul",
"versions": [
{
"status": "affected",
"version": "1.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "analyst",
"value": "dhabaleshwar (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in PHPGurukul Nipah Virus Testing Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file add-phlebotomist.php. The manipulation of the argument empid/fullname leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-246445 was assigned to this vulnerability."
},
{
"lang": "de",
"value": "In PHPGurukul Nipah Virus Testing Management System 1.0 wurde eine problematische Schwachstelle ausgemacht. Es geht um eine nicht n\u00e4her bekannte Funktion der Datei add-phlebotomist.php. Dank Manipulation des Arguments empid/fullname mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 3.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 3.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Cross Site Scripting",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-30T21:00:06.985Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.246445"
},
{
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.246445"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/dhabaleshwar/niv_testing_sxss/blob/main/exploit.md"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-11-30T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2023-11-30T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2023-11-30T14:15:28.000Z",
"value": "VulDB entry last update"
}
],
"title": "PHPGurukul Nipah Virus Testing Management System add-phlebotomist.php cross site scripting"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2023-6442",
"datePublished": "2023-11-30T21:00:06.985Z",
"dateReserved": "2023-11-30T13:10:19.439Z",
"dateUpdated": "2024-10-10T20:18:22.307Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-7099
Vulnerability from cvelistv5
Published
2023-12-25 02:31
Modified
2024-08-02 08:50
Severity ?
6.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
6.3 (Medium) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
6.3 (Medium) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
EPSS score ?
Summary
PHPGurukul Nipah Virus Testing Management System bwdates-report-result.php sql injection
References
| ▼ | URL | Tags |
|---|---|---|
| https://vuldb.com/?id.248951 | vdb-entry, technical-description | |
| https://vuldb.com/?ctiid.248951 | signature, permissions-required | |
| https://github.com/laoquanshi/heishou/blob/main/niv%20-SQL | broken-link | |
| https://github.com/laoquanshi/heishou/blob/main/sqlmap.png | broken-link, exploit |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| PHPGurukul | Nipah Virus Testing Management System |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:50:08.289Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://vuldb.com/?id.248951"
},
{
"tags": [
"signature",
"permissions-required",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.248951"
},
{
"tags": [
"broken-link",
"x_transferred"
],
"url": "https://github.com/laoquanshi/heishou/blob/main/niv%20-SQL"
},
{
"tags": [
"broken-link",
"exploit",
"x_transferred"
],
"url": "https://github.com/laoquanshi/heishou/blob/main/sqlmap.png"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Nipah Virus Testing Management System",
"vendor": "PHPGurukul",
"versions": [
{
"status": "affected",
"version": "1.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "heishou (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, has been found in PHPGurukul Nipah Virus Testing Management System 1.0. This issue affects some unknown processing of the file bwdates-report-result.php. The manipulation of the argument fromdate leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-248951."
},
{
"lang": "de",
"value": "Eine Schwachstelle wurde in PHPGurukul Nipah Virus Testing Management System 1.0 entdeckt. Sie wurde als kritisch eingestuft. Es geht hierbei um eine nicht n\u00e4her spezifizierte Funktion der Datei bwdates-report-result.php. Durch Beeinflussen des Arguments fromdate mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk angegangen werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 SQL Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-13T07:32:00.722Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.248951"
},
{
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.248951"
},
{
"tags": [
"broken-link"
],
"url": "https://github.com/laoquanshi/heishou/blob/main/niv%20-SQL"
},
{
"tags": [
"broken-link",
"exploit"
],
"url": "https://github.com/laoquanshi/heishou/blob/main/sqlmap.png"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-12-24T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2023-12-24T00:00:00.000Z",
"value": "CVE reserved"
},
{
"lang": "en",
"time": "2023-12-24T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2024-01-18T18:24:00.000Z",
"value": "VulDB entry last update"
}
],
"title": "PHPGurukul Nipah Virus Testing Management System bwdates-report-result.php sql injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2023-7099",
"datePublished": "2023-12-25T02:31:04.313Z",
"dateReserved": "2023-12-24T11:12:45.328Z",
"dateUpdated": "2024-08-02T08:50:08.289Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-6402
Vulnerability from cvelistv5
Published
2023-11-30 15:00
Modified
2024-08-02 08:28
Severity ?
6.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
6.3 (Medium) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
6.3 (Medium) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
EPSS score ?
Summary
PHPGurukul Nipah Virus Testing Management System add-phlebotomist.php sql injection
References
| ▼ | URL | Tags |
|---|---|---|
| https://vuldb.com/?id.246423 | vdb-entry, technical-description | |
| https://vuldb.com/?ctiid.246423 | signature, permissions-required | |
| https://github.com/dhabaleshwar/niv_testing_sqli/blob/main/exploit.md | exploit |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| PHPGurukul | Nipah Virus Testing Management System |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:28:21.817Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://vuldb.com/?id.246423"
},
{
"tags": [
"signature",
"permissions-required",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.246423"
},
{
"tags": [
"exploit",
"x_transferred"
],
"url": "https://github.com/dhabaleshwar/niv_testing_sqli/blob/main/exploit.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Nipah Virus Testing Management System",
"vendor": "PHPGurukul",
"versions": [
{
"status": "affected",
"version": "1.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "analyst",
"value": "dhabaleshwar (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, was found in PHPGurukul Nipah Virus Testing Management System 1.0. This affects an unknown part of the file add-phlebotomist.php. The manipulation of the argument empid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-246423."
},
{
"lang": "de",
"value": "Es wurde eine kritische Schwachstelle in PHPGurukul Nipah Virus Testing Management System 1.0 gefunden. Dabei betrifft es einen unbekannter Codeteil der Datei add-phlebotomist.php. Dank Manipulation des Arguments empid mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 SQL Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-30T15:00:05.748Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.246423"
},
{
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.246423"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/dhabaleshwar/niv_testing_sqli/blob/main/exploit.md"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-11-30T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2023-11-30T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2023-11-30T10:07:11.000Z",
"value": "VulDB entry last update"
}
],
"title": "PHPGurukul Nipah Virus Testing Management System add-phlebotomist.php sql injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2023-6402",
"datePublished": "2023-11-30T15:00:05.748Z",
"dateReserved": "2023-11-30T09:01:51.048Z",
"dateUpdated": "2024-08-02T08:28:21.817Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-5804
Vulnerability from cvelistv5
Published
2023-10-26 20:00
Modified
2024-08-02 08:14
Severity ?
7.3 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
7.3 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
7.3 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
EPSS score ?
Summary
PHPGurukul Nipah Virus Testing Management System login.php sql injection
References
| ▼ | URL | Tags |
|---|---|---|
| https://vuldb.com/?id.243617 | vdb-entry, technical-description | |
| https://vuldb.com/?ctiid.243617 | signature, permissions-required | |
| https://github.com/JacksonStonee/Nipah-virus-NiV-Testing-Management-System-Using-PHP-and-MySQL-1.0-has-a-SQL-injection-vuln-login.php/blob/main/README.md | related |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| PHPGurukul | Nipah Virus Testing Management System |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:14:24.043Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://vuldb.com/?id.243617"
},
{
"tags": [
"signature",
"permissions-required",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.243617"
},
{
"tags": [
"related",
"x_transferred"
],
"url": "https://github.com/JacksonStonee/Nipah-virus-NiV-Testing-Management-System-Using-PHP-and-MySQL-1.0-has-a-SQL-injection-vuln-login.php/blob/main/README.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Nipah Virus Testing Management System",
"vendor": "PHPGurukul",
"versions": [
{
"status": "affected",
"version": "1.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "analyst",
"value": "jacksonstone (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in PHPGurukul Nipah Virus Testing Management System 1.0 and classified as critical. This issue affects some unknown processing of the file login.php. The manipulation of the argument username leads to sql injection. The attack may be initiated remotely. The identifier VDB-243617 was assigned to this vulnerability."
},
{
"lang": "de",
"value": "Eine kritische Schwachstelle wurde in PHPGurukul Nipah Virus Testing Management System 1.0 gefunden. Dies betrifft einen unbekannten Teil der Datei login.php. Dank der Manipulation des Arguments username mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk passieren."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 7.5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 SQL Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-26T20:00:06.279Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.243617"
},
{
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.243617"
},
{
"tags": [
"related"
],
"url": "https://github.com/JacksonStonee/Nipah-virus-NiV-Testing-Management-System-Using-PHP-and-MySQL-1.0-has-a-SQL-injection-vuln-login.php/blob/main/README.md"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-10-26T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2023-10-26T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2023-10-26T16:01:08.000Z",
"value": "VulDB entry last update"
}
],
"title": "PHPGurukul Nipah Virus Testing Management System login.php sql injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2023-5804",
"datePublished": "2023-10-26T20:00:06.279Z",
"dateReserved": "2023-10-26T13:56:00.298Z",
"dateUpdated": "2024-08-02T08:14:24.043Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2025-4026
Vulnerability from cvelistv5
Published
2025-04-28 15:31
Modified
2025-04-28 15:55
Severity ?
6.9 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
7.3 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
7.3 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
7.3 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
7.3 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
EPSS score ?
Summary
PHPGurukul Nipah Virus Testing Management System profile.php sql injection
References
| ▼ | URL | Tags |
|---|---|---|
| https://vuldb.com/?id.306389 | vdb-entry, technical-description | |
| https://vuldb.com/?ctiid.306389 | signature, permissions-required | |
| https://vuldb.com/?submit.558628 | third-party-advisory | |
| https://github.com/changan520374/cve/issues/1 | exploit, issue-tracking | |
| https://phpgurukul.com/ | product |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| PHPGurukul | Nipah Virus Testing Management System |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-4026",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-28T15:55:00.931799Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-28T15:55:04.082Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/changan520374/cve/issues/1"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Nipah Virus Testing Management System",
"vendor": "PHPGurukul",
"versions": [
{
"status": "affected",
"version": "1.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "yinyun (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, has been found in PHPGurukul Nipah Virus Testing Management System 1.0. This issue affects some unknown processing of the file /profile.php. The manipulation of the argument adminname leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "de",
"value": "Eine Schwachstelle wurde in PHPGurukul Nipah Virus Testing Management System 1.0 entdeckt. Sie wurde als kritisch eingestuft. Hierbei geht es um eine nicht exakt ausgemachte Funktion der Datei /profile.php. Mittels Manipulieren des Arguments adminname mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 7.5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "SQL Injection",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-28T15:31:05.178Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-306389 | PHPGurukul Nipah Virus Testing Management System profile.php sql injection",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.306389"
},
{
"name": "VDB-306389 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.306389"
},
{
"name": "Submit #558628 | phpgurukul Nipah virus (NiV) V1.0 SQL Injection",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.558628"
},
{
"tags": [
"exploit",
"issue-tracking"
],
"url": "https://github.com/changan520374/cve/issues/1"
},
{
"tags": [
"product"
],
"url": "https://phpgurukul.com/"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-04-28T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-04-28T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-04-28T07:52:02.000Z",
"value": "VulDB entry last update"
}
],
"title": "PHPGurukul Nipah Virus Testing Management System profile.php sql injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-4026",
"datePublished": "2025-04-28T15:31:05.178Z",
"dateReserved": "2025-04-28T05:46:55.685Z",
"dateUpdated": "2025-04-28T15:55:04.082Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}