Skip to main content

User Registration Login And User Management System CVE-2020-25952

CRITICAL
SQL Injection (CWE-89)
2020-11-16 cve@mitre.org
9.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
9.8 CRITICAL
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Nov 16, 2020 - 16:15 nvd
CRITICAL 9.8

DescriptionNVD

SQL injection vulnerability in PHPGurukul User Registration & Login and User Management System With admin panel 2.1 allows remote attackers to execute arbitrary SQL commands and bypass authentication.

AnalysisAI

SQL injection vulnerability in PHPGurukul User Registration & Login and User Management System With admin panel 2.1 allows remote attackers to execute arbitrary SQL commands and bypass authentication. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Technical ContextAI

This vulnerability is classified as SQL Injection (CWE-89), which allows attackers to execute arbitrary SQL commands against the database. SQL injection vulnerability in PHPGurukul User Registration & Login and User Management System With admin panel 2.1 allows remote attackers to execute arbitrary SQL commands and bypass authentication. Affected products include: Phpgurukul User Registration \& Login And User Management System.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Use parameterized queries/prepared statements. Never concatenate user input into SQL. Apply least-privilege database permissions.

CVE-2025-45949 CRITICAL POC
9.8 Apr 28

A critical vulnerability was found in PHPGurukul User Registration & Login and User Management System V3.3 in the /login

CVE-2024-48283 CRITICAL POC
9.8 Oct 15

Phpgurukul User Registration & Login and User Management System 3.2 is vulnerable to SQL Injection in /admin//search-res

CVE-2024-48282 HIGH POC
7.6 Oct 15

A SQL Injection vulnerability was found in /password-recovery.php of PHPGurukul User Registration & Login and User Manag

CVE-2024-48280 HIGH POC
7.6 Oct 15

A SQL Injection vulnerability was found in /search-result.php of PHPGurukul User Registration & Login and User Managemen

CVE-2024-48279 HIGH POC
7.6 Oct 15

A HTML Injection vulnerability was found in /search-result.php of PHPGurukul User Registration & Login and User Manageme

CVE-2025-2050 MEDIUM POC
6.9 Mar 07

A vulnerability classified as critical was found in PHPGurukul User Registration & Login and User Management System 3.3.

CVE-2024-11818 MEDIUM POC
6.9 Nov 27

A vulnerability classified as critical has been found in PHPGurukul User Registration & Login and User Management System

CVE-2024-11817 MEDIUM POC
6.9 Nov 26

A vulnerability was found in PHPGurukul User Registration & Login and User Management System 1.0. Rated medium severity

CVE-2024-28323 MEDIUM POC
6.5 Mar 14

The bwdates-report-result.php file in Phpgurukul User Registration & Login and User Management System 3.1 contains a pot

CVE-2025-28011 MEDIUM POC
6.1 Mar 13

A SQL Injection was found in loginsystem/change-password.php in PHPGurukul User Registration & Login and User Management

CVE-2024-25202 MEDIUM POC
6.1 Feb 28

Cross Site Scripting vulnerability in Phpgurukul User Registration & Login and User Management System 1.0 allows attacke

CVE-2024-48278 MEDIUM POC
5.5 Oct 15

Phpgurukul User Registration & Login and User Management System 3.2 is vulnerable to Cross Site Request Forgery (CSRF) v

Share

CVE-2020-25952 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy