A vulnerability was found in PHPGurukul Medical Card Generation System 1.0. It has been classified as critical. This affects an unknown part of the file /download-medical-cards.php. The manipulation of the argument searchdata leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
CVSS
No CVSS.
References
| Link | Resource |
|---|---|
| https://github.com/chenyihao-cyber/CVE/issues/4 | Exploit Third Party Advisory Issue Tracking |
| https://github.com/chenyihao-cyber/CVE/issues/4 | Exploit Third Party Advisory Issue Tracking |
| https://phpgurukul.com/ | Product |
| https://vuldb.com/?ctiid.299877 | Permissions Required VDB Entry |
| https://vuldb.com/?id.299877 | Third Party Advisory VDB Entry |
| https://vuldb.com/?submit.515822 | Third Party Advisory VDB Entry |
Configurations
History
02 Apr 2025, 12:31
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:a:phpgurukul:medical_card_system:1.0:*:*:*:*:*:*:* | |
| First Time |
Phpgurukul medical Card System
Phpgurukul |
|
| References | () https://phpgurukul.com/ - Product | |
| References | () https://vuldb.com/?submit.515822 - Third Party Advisory, VDB Entry | |
| References | () https://vuldb.com/?ctiid.299877 - Permissions Required, VDB Entry | |
| References | () https://vuldb.com/?id.299877 - Third Party Advisory, VDB Entry | |
| References | () https://github.com/chenyihao-cyber/CVE/issues/4 - Exploit, Third Party Advisory, Issue Tracking |
17 Mar 2025, 14:15
| Type | Values Removed | Values Added |
|---|---|---|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : unknown |
| CWE | CWE-74 |
17 Mar 2025, 13:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2025-03-17 13:15
Updated : 2025-04-02 12:31
NVD link : CVE-2025-2378
Mitre link : CVE-2025-2378
JSON object : View
Products Affected
phpgurukul
- medical_card_system
CWE
No CWE.