CVE-2025-3351

CWE-74 CWE-89 — SQL Injection CWE-94 — Code Injection CWE-20 — Improper Input Validation10 documents5 sources

Severity

6.9MEDIUM

EPSS

0.2%

top 53.66%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Phpgurukul OLD AGE Home Management System

Timeline

PublishedApr 7

Latest updateOct 1

Description

A vulnerability has been found in PHPGurukul Old Age Home Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/login.php. The manipulation of the argument Username leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

Affected Packages2 packages

▶CVEListV5phpgurukul/old_age_home_management_system1.0

▶NVDphpgurukul/old_age_home_management_system1.0

🔴Vulnerability Details

GHSA

risc0 vulnerable to arbitrary code execution in guest via memory safety failure in `sys_read`↗2025-10-01

▶

GHSA

GHSA-rw9m-2gw8-75r7: A vulnerability has been found in PHPGurukul Old Age Home Management System 1↗2025-04-07

▶

CVEList

PHPGurukul Old Age Home Management System login.php sql injection↗2025-04-07

▶

📋Vendor Advisories

Microsoft

Chromium: CVE-2025-8010 Type Confusion in V8↗2025-07-08

▶

Microsoft

Chromium: CVE-2025-8011 Type Confusion in V8↗2025-07-08

▶

Microsoft

Chromium: CVE-2025-6556 Insufficient policy enforcement in Loader↗2025-06-10

▶

Microsoft

Chromium: CVE-2025-6555 Use after free in Animation↗2025-06-10

▶

Microsoft

Chromium: CVE-2025-6557 Insufficient data validation in DevTools↗2025-06-10

▶