CVE-2025-2473
Published: 2025-03-18
Priority: P2 · 65 · critical · CVSS 3.1: 9.8
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EXPLOIT
EPSS: 2.37% (81.7th percentile)
A vulnerability was found in PHPGurukul Company Visitor Management System 2.0 and classified as critical. Affected by this issue is some unknown functionality of the file /index.php of the component Sign In. The manipulation of the argument username leads to SQL injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| phpgurukul | company_visitor_management_system | — | — |
Detection & IOCs (extracted from sources)
- POST request to /index.php with a SQL injection payload in the 'username' parameter (e.g., admin' or '1'='1'#) should be flagged as an authentication bypass attempt against CVMS.
- Successful exploitation results in a 200 HTTP response containing the strings 'Admin user', 'Dashboard', and 'CVMS' in the response body — monitor for these in POST /index.php responses.
- Content-Type header 'application/x-www-form-urlencoded' combined with SQL metacharacters (single quote, comment marker #) in the username field of POST /index.php is a strong indicator of CVE-2025-2473 exploitation.
- The Nuclei template targets version 1.0 in its name/description, but the NVD advisory attributes the vulnerability to version 2.0 — detection logic applies to both versions as the vulnerable endpoint and parameter are the same.
- The attack is unauthenticated and remotely exploitable with no privileges required (CVSS PR:N, AV:N), meaning no prior session or credential is needed to trigger the injection.
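The indicators above, combined into one triage function over HTTP transactions, as an added example that is not part of the original page or of any vendor rule. The event field names, the `classify` and `triage` helpers, the path-suffix match and the sample transactions are assumptions made for illustration.

```python
from urllib.parse import parse_qs, urlsplit

FORM = "application/x-www-form-urlencoded"
# Response strings the page lists for a successful bypass; all three must appear.
SUCCESS_MARKERS = ("Admin user", "Dashboard", "CVMS")
SQL_METACHARS = ("'", "#")  # single quote and comment marker, per the page


def classify(event):
    """Return 'clean', 'attempt' or 'likely-success' for one HTTP transaction."""
    if event["method"].upper() != "POST":
        return "clean"
    # Assumption: the app may be deployed in a sub-directory, so match the suffix.
    if not urlsplit(event["path"]).path.endswith("/index.php"):
        return "clean"
    if event.get("content_type", "").split(";")[0].strip().lower() != FORM:
        return "clean"
    # parse_qs percent-decodes the form body, so %27 and %23 are seen as ' and #.
    names = parse_qs(event.get("body", ""), keep_blank_values=True).get("username", [])
    if not any(ch in name for name in names for ch in SQL_METACHARS):
        return "clean"
    resp = event.get("response_body", "")
    if event.get("status") == 200 and all(m in resp for m in SUCCESS_MARKERS):
        return "likely-success"
    return "attempt"


def triage(events):
    """Classify a batch of transactions, preserving order."""
    return [classify(e) for e in events]


# Constructed sample transactions (not captured traffic).
SAMPLE_EVENTS = [
    # Ordinary login: dashboard strings in the response, but a clean username.
    {"method": "POST", "path": "/index.php", "content_type": FORM,
     "body": "username=alice&password=s3cret", "status": 200,
     "response_body": "<title>CVMS | Dashboard</title> Admin user"},
    # Percent-encoded form of the page's example payload; login page returned.
    {"method": "POST", "path": "/cvms/index.php", "content_type": FORM + "; charset=UTF-8",
     "body": "username=admin%27+or+%271%27%3D%271%27%23&password=x", "status": 200,
     "response_body": "<title>CVMS | Login</title> Invalid Details"},
    # Same payload unencoded, answered with all three success markers.
    {"method": "POST", "path": "/index.php", "content_type": FORM,
     "body": "username=admin' or '1'='1'#&password=x", "status": 200,
     "response_body": "<title>CVMS | Dashboard</title> Admin user"},
]

if __name__ == "__main__":
    print(triage(SAMPLE_EVENTS))
```

A legitimate username containing an apostrophe also yields `attempt`, so treat that verdict as a lead and `likely-success` as the alert.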
CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| nvd | v4.0 | 6.9 | MEDIUM | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
| nvd | v2.0 | 7.5 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
| vendor_redhat | — | 5.3 | MEDIUM | — |
GHSA
GHSA-6cq7-qpq2-9r7r: A vulnerability was found in PHPGurukul Company Visitor Management System 2
ghsa_unreviewed·2025-03-18
CVE-2025-2473 [MEDIUM] CWE-74 GHSA-6cq7-qpq2-9r7r: A vulnerability was found in PHPGurukul Company Visitor Management System 2
A vulnerability was found in PHPGurukul Company Visitor Management System 2.0 and classified as critical. Affected by this issue is some unknown functionality of the file /index.php of the component Sign In. The manipulation of the argument username leads to SQL injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Red Hat
networkmanager: 4in6 and 6in6 protocols excessive trust
vendor_redhat·2025-01-14·CVSS 5.3
CVE-2025-23018 [MEDIUM] CWE-348 networkmanager: 4in6 and 6in6 protocols excessive trust
IPv4-in-IPv6 and IPv6-in-IPv6 tunneling (RFC 2473) do not require the validation or verification of the source of a network packet, allowing an attacker to spoof and route arbitrary traffic via an exposed network interface. This is a similar issue to CVE-2020-10136.
An insecure configuration flaw was found in the IPv4-in-IPv6 and IPv6-in-IPv6 protocols (RFC2473). When configured to not require authentication or filtering, this issue could allow a remote unauthenticated attacker to spoof packets or bypass access controls.
Statement: This vulnerability is rated as Low impact as it requires a known higher risk configuration. Multiple layers of defaults (packet forwarding and these specific protocols) are disabled by default. Red Hat p
No detection rules found.
Nuclei
Company Visitor Management System 1.0 - SQL Injection
nuclei·CVSS 6.9
CVE-2025-2473 [MEDIUM] Company Visitor Management System 1.0 - SQL Injection
Company Visitor Management System 1.0 contains a SQL injection vulnerability via the login page in the username parameter. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.
Template:

```yaml
id: CVE-2025-2473

info:
  name: Company Visitor Management System 1.0 - SQL Injection
  author: arafatansari
  severity: critical
  description: |
    Company Visitor Management System 1.0 contains a SQL injection vulnerability via the login page in the username parameter. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.
  imp
```
No writeups or analysis indexed.
Published: 2025-03-18