CVE-2025-40691
published 2025-09-11CVE-2025-40691: SQL Injection in Online Fire Reporting System v1.2 by PHPGurukul. This vulnerability allows an attacker to retrieve, create, update and delete database via…
critical9.3CVSS 4.0
AVNACLATNPRNUINVCHVIHVAHSCNSINSANEXCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUXRXVXREXUX
SQL Injection in Online Fire Reporting System v1.2 by PHPGurukul. This vulnerability allows an attacker to retrieve, create, update and delete database via
'todate' parameter in the endpoint '/ofrs/admin/bwdates-report-result.php'.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| phpgurukul | online_fire_reporting_system | — | — |