CVE-2025-4226

Опубликовано: 03 мая 2025

Источник: nvd

CVSS3: 7.3

CVSS3: 9.8

CVSS2: 7.5

EPSS Низкий

Описание

A vulnerability classified as critical has been found in PHPGurukul/Campcodes Cyber Cafe Management System 1.0. This affects an unknown part of the file /add-computer.php. The manipulation of the argument compname/comploc leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Ссылки

https://github.com/diyuzhishen/mycve/issues/2
Exploit
Third Party Advisory
https://vuldb.com/?ctiid.307323
Permissions Required
https://vuldb.com/?id.307323
Third Party Advisory
VDB Entry
https://vuldb.com/?submit.562409
Third Party Advisory
VDB Entry
https://github.com/diyuzhishen/mycve/issues/2
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:phpgurukul:cyber_cafe_management_system:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 21%

0.00068

Низкий

7.3 High

CVSS3

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-74

CWE-89

Связанные уязвимости

GHSA-9cfh-cv85-rqx7

CVSS3: 7.3

github

9 месяцев назад

A vulnerability classified as critical has been found in PHPGurukul Cyber Cafe Management System 1.0. This affects an unknown part of the file /add-computer.php. The manipulation of the argument compname leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

EPSS

Процентиль: 21%

0.00068

Низкий

7.3 High

CVSS3

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-74

CWE-89