exploitDog

CVE-2025-5227

Опубликовано: 27 мая 2025

Источник: nvd

CVSS3: 7.3

CVSS2: 7.5

EPSS Низкий

Описание

A vulnerability was found in PHPGurukul Small CRM 3.0 and classified as critical. This issue affects some unknown processing of the file /admin/manage-tickets.php. The manipulation of the argument aremark leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.

Ссылки

https://github.com/bleakTS/myCVE/issues/18
Exploit
Issue Tracking
Third Party Advisory
https://phpgurukul.com/
Product
https://vuldb.com/?ctiid.310325
Permissions Required
VDB Entry
https://vuldb.com/?id.310325
Third Party Advisory
VDB Entry
https://vuldb.com/?submit.583423
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:phpgurukul:small_crm:3.0:*:*:*:*:*:*:*

EPSS

Процентиль: 9%

0.00034

Низкий

7.3 High

CVSS3

7.5 High

CVSS2

Дефекты

CWE-74

Связанные уязвимости

GHSA-5p5c-x823-xmpj

CVSS3: 7.3

github

9 месяцев назад

A vulnerability was found in PHPGurukul Small CRM 3.0 and classified as critical. This issue affects some unknown processing of the file /admin/manage-tickets.php. The manipulation of the argument aremark leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.

EPSS

Процентиль: 9%

0.00034

Низкий

7.3 High

CVSS3

7.5 High

CVSS2

Дефекты

CWE-74