Vulnerabilities in PHPGurukul

706 results
Vexday analysis

Com 706 CVEs catalogadas e 19 novas entradas nos últimos 90 dias, o portfólio de vulnerabilidades em produtos PHPGurukul demonstra volume expressivo e ritmo contínuo de descoberta. A falha mais prevalente é CWE-89 (SQL Injection), o que é coerente com o perfil de aplicações PHP orientadas a banco de dados; o CVE mais perigoso atualmente ativo é CVE-2023-0562, com score EPSS de 0,4117 — valor relevante que indica probabilidade não negligenciável de exploração. Embora a taxa de exploração confirmada (0 entradas no CISA KEV) esteja abaixo da média geral do catálogo, a existência de 20 vulnerabilidades com PoC pública e 13 de severidade crítica representa superfície de ataque considerável para equipes que dependem dessas aplicações. A presença de código de prova de conceito disponível publicamente eleva o risco prático mesmo sem confirmação formal de exploração em larga escala, exigindo atenção prioritária na aplicação de patches e validação de entradas.

CVE-2025-7158MEDIUMPHPGurukul Zoo Management System manage-normal-ticket.php sql injectionEPSS 0.3%CVE-2025-7582MEDIUMPHPGurukul Online Fire Reporting System assigned-requests.php sql injectionEPSS 0.3%CVE-2025-6913MEDIUMPHPGurukul Student Record System admin-profile.php sql injectionEPSS 0.3%CVE-2025-7600MEDIUMPHPGurukul Online Library Management System student-history.php sql injectionEPSS 0.3%CVE-2025-7585MEDIUMPHPGurukul Online Fire Reporting System manage-site.php sql injectionEPSS 0.3%CVE-2025-7591MEDIUMPHPGurukul Dairy Farm Shop Management System view-invoice.php sql injectionEPSS 0.3%CVE-2025-7588MEDIUMPHPGurukul Dairy Farm Shop Management System edit-product.php sql injectionEPSS 0.3%CVE-2025-7599MEDIUMPHPGurukul Dairy Farm Shop Management System invoice.php sql injectionEPSS 0.3%CVE-2025-7590MEDIUMPHPGurukul Dairy Farm Shop Management System edit-category.php sql injectionEPSS 0.3%CVE-2024-13082MEDIUMPHPGurukul Land Record System search-property.php cross site scriptingEPSS 0.3%CVE-2025-2375MEDIUMPHPGurukul Human Metapneumovirus Testing Management System Admin Profile Page profile.php cross site scriptingEPSS 0.3%CVE-2025-40687CRITICALSQL injection in PHPGurukul Online Fire Reporting SystemEPSS 0.3%CVE-2026-0547MEDIUMPHPGurukul Online Course Registration Student Registration edit-student-profile.php unrestricted uploadEPSS 0.3%CVE-2024-13083MEDIUMPHPGurukul Land Record System admin-profile.php cross site scriptingEPSS 0.3%CVE-2024-13081MEDIUMPHPGurukul Land Record System contactus.php cross site scriptingEPSS 0.3%CVE-2025-40692CRITICALSQL injection in PHPGurukul Online Fire Reporting SystemEPSS 0.3%CVE-2025-40691CRITICALSQL injection in PHPGurukul Online Fire Reporting SystemEPSS 0.3%CVE-2025-9756MEDIUMPHPGurukul User Management System change-emailid.php sql injectionEPSS 0.3%CVE-2025-40690CRITICALSQL injection in PHPGurukul Online Fire Reporting SystemEPSS 0.3%CVE-2025-40689CRITICALSQL injection in PHPGurukul Online Fire Reporting SystemEPSS 0.3%