CVE-2025-3973 MEDIUM

CVE-2025-3973: PHPGurukul COVID19 Testing Management System check_availability.php sql injection

Vendor Phpgurukul
Product COVID19 Testing Management System
Weakness CWE-89 · SQLi
Published April 27, 2025
Last update April 28, 2025
View on NVD All CVEs

CVSS base score

6.9/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

What the vulnerability does

01Description

A vulnerability, which was classified as critical, was found in PHPGurukul COVID19 Testing Management System 1.0. This affects an unknown part of the file /check_availability.php. The manipulation of the argument mobnumber leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.

Key dates

02Disclosure timeline

April 27, 2025 CVE published
April 28, 2025 Record updated

Related vulnerabilities

04Related CVE

CVE-2025-7934 fuyang_lipengjun platform ScheduleJobController.java queryPage sql injection CVE-2024-55981 WordPress Nabz Image Gallery plugin <= v1.00 - SQL Injection vulnerability CVE-2025-54062 WeGIA SQL Injection (Blind Time-Based) Vulnerability in id_dependente Parameter on profile_dependente.php Endpoint CVE-2025-2665 PHPGurukul Online Security Guards Hiring System bwdates-reports-details.php sql injection CVE-2025-7859 code-projects Church Donation System update_password_admin.php sql injection