CVSS Vector (NVD)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Description (NVD)
A vulnerability was found in PHPGurukul Curfew e-Pass Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /index.php. The manipulation of the argument searchdata leads to SQL injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Analysis (AI)
Critical SQL injection vulnerability in PHPGurukul Curfew e-Pass Management System version 1.0, where unsanitized input in the 'searchdata' parameter of /index.php allows unauthenticated remote attackers to execute arbitrary SQL queries. The vulnerability has been publicly disclosed with exploit code available, enabling attackers to extract sensitive data, modify records, or potentially execute system commands depending on database permissions and backend configuration. This represents an immediate threat to organizations using this system.
Technical Context (AI)
The vulnerability resides in PHPGurukul Curfew e-Pass Management System 1.0, a PHP-based web application. The root cause is classified under CWE-74 (Improper Neutralization of Special Elements in Output Used by a Downstream Component), indicating insufficient input validation and output encoding in the /index.php file. The 'searchdata' GET/POST parameter is concatenated directly into SQL queries instead of being bound through prepared (parameterized) statements, enabling classical SQL injection. The affected component handles search functionality, likely used for querying e-pass records. PHP applications of this nature typically interact with MySQL/MariaDB backends, and the lack of input sanitization (no use of mysqli_real_escape_string, parameterized queries, or ORM frameworks) allows attackers to break out of the intended SQL syntax and inject arbitrary commands.
Remediation (AI)
Immediate actions:
(1) If still in use, disable or restrict network access to the e-pass management system until patched.
(2) Implement Web Application Firewall (WAF) rules to block SQL injection payloads in the searchdata parameter (e.g., blocking common keywords: UNION, SELECT, DROP, OR 1=1).
(3) Enable SQL query logging and monitor for suspicious patterns.

Long-term remediation:
(1) Upgrade to a patched version if available from PHPGurukul; check their official website or GitHub repository for updates beyond 1.0.
(2) If no patch exists, migrate to an actively maintained alternative e-pass management system.
(3) If patching in place, apply input validation: use prepared statements with parameterized queries (mysqli_prepare or PDO with bound parameters), implement whitelist validation for the searchdata parameter, and enforce the principle of least privilege on the database user (remove administrative database rights).

Code-level fix: Replace direct SQL concatenation with parameterized queries, e.g.:

    $stmt = $mysqli->prepare('SELECT * FROM epasses WHERE name LIKE ?');
    // bind_param() binds by reference, so the pattern must be a variable, not an expression
    $pattern = '%' . $_GET['searchdata'] . '%';
    $stmt->bind_param('s', $pattern);
    $stmt->execute();
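An added example (not code from this advisory or from PHPGurukul) for the monitoring step in the immediate actions: it scans web-server access-log lines for GET requests to /index.php whose searchdata value, after undoing repeated URL-encoding, contains the keywords listed for the WAF rule. The combined log format, the sample lines and the function names are assumptions; POST bodies are not written to access logs by default, so those requests have to be checked in the SQL query log instead.

```python
import re
from urllib.parse import parse_qs, unquote_plus, urlsplit

# Request line of a combined-format access log entry (assumed log format).
REQUEST_RE = re.compile(r'^(?P<ip>\S+) .*?"[A-Z]+ (?P<target>\S+) HTTP/[\d.]+"')

# Keywords named in the remediation text, plus quote/comment metacharacters.
# A "metachar" hit alone is low confidence (e.g. an apostrophe in a name).
SUSPICIOUS = [
    ("keyword", re.compile(r"\b(union|select|drop)\b", re.I)),
    ("tautology", re.compile(r"\bor\b\s*\d+\s*=\s*\d+", re.I)),
    ("metachar", re.compile(r"['\"]|--|#|/\*")),
]

# Constructed sample lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    '203.0.113.7 - - [01/Jan/2025:10:00:00 +0000] "GET /index.php?searchdata=EP12345 HTTP/1.1" 200 512',
    '203.0.113.9 - - [01/Jan/2025:10:00:05 +0000] "GET /index.php?searchdata=x%27%20OR%201%3D1 HTTP/1.1" 200 9801',
    '203.0.113.9 - - [01/Jan/2025:10:00:09 +0000] "GET /index.php?searchdata=x%2527%2520UNION%2520SELECT HTTP/1.1" 200 9801',
    '198.51.100.4 - - [01/Jan/2025:10:01:00 +0000] "GET /about.php?searchdata=union HTTP/1.1" 200 300',
]

def decode_fully(value, max_rounds=3):
    """Undo repeated URL-encoding so that %2527 is inspected as a quote."""
    for _ in range(max_rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value

def flag_searchdata(line):
    """Return (ip, decoded value, reasons) for a suspicious /index.php hit, else None."""
    m = REQUEST_RE.match(line)
    if not m:
        return None
    url = urlsplit(m.group("target"))
    if url.path != "/index.php":
        return None
    # parse_qs() decodes once; decode_fully() handles double-encoded values.
    for raw in parse_qs(url.query, keep_blank_values=True).get("searchdata", []):
        value = decode_fully(raw)
        reasons = [name for name, rx in SUSPICIOUS if rx.search(value)]
        if reasons:
            return m.group("ip"), value, reasons
    return None

def scan(lines):
    return [hit for hit in map(flag_searchdata, lines) if hit]
```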
EUVD-2025-16818