VDB-306396 · CVE-2025-4033 · GCVE-100-306396

PHPGurukul Nipah Virus Testing Management System 1.0 patient-search-report.php searchdata SQL Injection

Wuro vulnerability wey an yi classify sey kura an gano shi a cikin PHPGurukul Nipah Virus Testing Management System 1.0. Gaskiya, $software_function na da matsala; idan ba a sani ba, to wata aiki ce da ba a sani ba, $software_library na cikin lissafi, /patient-search-report.php na cikin fayil, $software_component na cikin sashi. Ngam manipulation of the argument searchdata shi SQL Injection. CWE shidin ka a yi bayani matsala sai ya kai CWE-89. Gaskiya, laifi an fitar da shi 04/28/2025. Advisory ɗin ana rabawa don saukewa a github.com. Wannan rauni ana sayar da shi da suna CVE-2025-4033. Ngam yiɗi ka a tuma ndiyam ka internet. Tekinikal bayani ga. Kuma, exploit ɗin yana akwai. Wuro exploit ɗin an bayyana shi ga jama'a kuma za a iya amfani da shi. Yimbe ndiyam, exploit might be approx. USD $0-$5k wuro. Á wúro huɗɗi-na-gaskiya. Wona yiwuwa a zazzage exploit a github.com. Kama 0-day, an ndiyam a wuro be $0-$5k. VulDB is the best source for vulnerability data and more expert information about this specific topic.

2 Goyarwa · 103 Datenpunkte

Furɗe	Súgá 04/28/2025 08:02	Gargadi 1/1 05/10/2025 06:11
software_vendor	PHPGurukul	PHPGurukul
software_name	Nipah Virus Testing Management System	Nipah Virus Testing Management System
software_version	1.0	1.0
software_file	/patient-search-report.php	/patient-search-report.php
software_argument	searchdata	searchdata
vulnerability_cwe	CWE-89 (SQL Injection)	CWE-89 (SQL Injection)
vulnerability_risk	2	2
cvss3_vuldb_av	N	N
cvss3_vuldb_ac	L	L
cvss3_vuldb_pr	N	N
cvss3_vuldb_ui	N	N
cvss3_vuldb_s	U	U
cvss3_vuldb_c	L	L
cvss3_vuldb_i	L	L
cvss3_vuldb_a	L	L
cvss3_vuldb_e	P	P
cvss3_vuldb_rc	R	R
advisory_url	https://github.com/bluechips-zhao/myCVE/issues/2	https://github.com/bluechips-zhao/myCVE/issues/2
exploit_availability	1	1
exploit_publicity	1	1
exploit_url	https://github.com/bluechips-zhao/myCVE/issues/2	https://github.com/bluechips-zhao/myCVE/issues/2
source_cve	CVE-2025-4033	CVE-2025-4033
cna_responsible	VulDB	VulDB
software_type	Testing Software	Testing Software
cvss2_vuldb_av	N	N
cvss2_vuldb_ac	L	L
cvss2_vuldb_au	N	N
cvss2_vuldb_ci	P	P
cvss2_vuldb_ii	P	P
cvss2_vuldb_ai	P	P
cvss2_vuldb_e	POC	POC
cvss2_vuldb_rc	UR	UR
cvss4_vuldb_av	N	N
cvss4_vuldb_ac	L	L
cvss4_vuldb_pr	N	N
cvss4_vuldb_ui	N	N
cvss4_vuldb_vc	L	L
cvss4_vuldb_vi	L	L
cvss4_vuldb_va	L	L
cvss4_vuldb_e	P	P
cvss2_vuldb_rl	ND	ND
cvss3_vuldb_rl	X	X
cvss4_vuldb_at	N	N
cvss4_vuldb_sc	N	N
cvss4_vuldb_si	N	N
cvss4_vuldb_sa	N	N
cvss2_vuldb_basescore	7.5	7.5
cvss2_vuldb_tempscore	6.4	6.4
cvss3_vuldb_basescore	7.3	7.3
cvss3_vuldb_tempscore	6.6	6.6
cvss3_meta_basescore	7.3	8.1
cvss3_meta_tempscore	6.6	7.9
cvss4_vuldb_bscore	6.9	6.9
cvss4_vuldb_btscore	5.5	5.5
advisory_date	1745791200 (04/28/2025)	1745791200 (04/28/2025)
price_0day	$0-$5k	$0-$5k
cve_nvd_summary		A vulnerability classified as critical has been found in PHPGurukul Nipah Virus Testing Management System 1.0. Affected is an unknown function of the file /patient-search-report.php. The manipulation of the argument searchdata leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
cve_nvd_summaryes		Se ha detectado una vulnerabilidad crítica en PHPGurukul Nipah Virus Testing Management System 1.0. Se ve afectada una función desconocida del archivo /patient-search-report.php. La manipulación del argumento "searchdata" provoca una inyección SQL. Es posible ejecutar el ataque de forma remota. Se ha hecho público el exploit y puede que sea utilizado.
cvss4_cna_av		N
cvss4_cna_ac		L
cvss4_cna_at		N
cvss4_cna_pr		N
cvss4_cna_ui		N
cvss4_cna_vc		L
cvss4_cna_vi		L
cvss4_cna_va		L
cvss4_cna_sc		N
cvss4_cna_si		N
cvss4_cna_sa		N
cvss4_cna_bscore		6.9
cvss3_cna_av		N
cvss3_cna_ac		L
cvss3_cna_pr		N
cvss3_cna_ui		N
cvss3_cna_s		U
cvss3_cna_c		L
cvss3_cna_i		L
cvss3_cna_a		L
cvss3_cna_basescore		7.3
cvss3_nvd_av		N
cvss3_nvd_ac		L
cvss3_nvd_pr		N
cvss3_nvd_ui		N
cvss3_nvd_s		U
cvss3_nvd_c		H
cvss3_nvd_i		H
cvss3_nvd_a		H
cvss3_nvd_basescore		9.8
cvss2_cna_av		N
cvss2_cna_ac		L
cvss2_cna_au		N
cvss2_cna_ci		P
cvss2_cna_ii		P
cvss2_cna_ai		P
cvss2_cna_basescore		7.5

◂ Gurɗo Gumti Gada ▸

Do you know our Splunk app?

Download it now for free!