CVE-2025-10402

7.3 HIGH

📋 TL;DR

This vulnerability allows remote attackers to execute SQL injection attacks against PHPGurukul Beauty Parlour Management System 1.1 through the delid parameter in /admin/readenq.php. This can lead to unauthorized database access, data theft, or system compromise. Organizations using this specific version of the software are affected.

💻 Affected Systems

Products:
  • PHPGurukul Beauty Parlour Management System
Versions: 1.1
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: The vulnerability exists in the default installation and requires the /admin/readenq.php endpoint to be accessible.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete database compromise allowing data exfiltration, privilege escalation, and potential remote code execution on the underlying server.

🟠 Likely Case

Unauthorized access to sensitive customer and business data stored in the database, including personal information and financial records.

🟢 If Mitigated

Limited impact with proper input validation and database permissions restricting the attacker's access scope.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploit details are publicly available on GitHub, making this easy to weaponize. Attack requires admin access to the vulnerable endpoint.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://phpgurukul.com/

Restart Required: No

Instructions:

1. Check the vendor website for security updates.
2. If no patch exists, implement workarounds immediately.
3. Consider migrating to alternative software if the vendor is unresponsive.

🔧 Temporary Workarounds

Input Validation and Sanitization

all

Add proper input validation and parameterized queries to the readenq.php file to prevent SQL injection.

Edit /admin/readenq.php to replace raw SQL queries with prepared statements using mysqli or PDO.
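As an added illustration of that edit (this is not PHPGurukul's own code; the table name tblenquiry, the column id and the connection details are assumptions), a string-concatenation delete handler is shown beside a hardened PDO version that validates delid as an integer and binds it:

```php
<?php
// Added example, not code from PHPGurukul BPMS. Table tblenquiry,
// column id and the database credentials are assumptions.

// Vulnerable pattern: the request value is spliced into the SQL text,
// so whatever arrives in ?delid= is parsed as part of the statement.
function deleteEnquiryUnsafe(mysqli $con, string $delid): bool
{
    $sql = "DELETE FROM tblenquiry WHERE id='$delid'";
    return $con->query($sql) !== false;
}

// Hardened version: validate the type first, then bind the value so the
// driver sends it as data rather than as SQL syntax.
function deleteEnquirySafe(PDO $dbh, $delid): bool
{
    // delid selects one row, so only a positive integer is acceptable.
    $id = filter_var($delid, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($id === false) {
        http_response_code(400); // reject instead of passing junk to the database
        return false;
    }
    $stmt = $dbh->prepare('DELETE FROM tblenquiry WHERE id = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->rowCount() === 1;
}

// Assumed call site in readenq.php, reached only after the admin session check.
if (isset($_GET['delid'])) {
    $dbh = new PDO('mysql:host=localhost;dbname=bpms', 'dbuser', 'dbpass', [
        PDO::ATTR_ERRMODE          => PDO::ERRMODE_EXCEPTION,
        PDO::ATTR_EMULATE_PREPARES => false, // use real server-side prepares
    ]);
    if (deleteEnquirySafe($dbh, $_GET['delid'])) {
        echo "<script>alert('Enquiry deleted');</script>";
    }
}
```

Pair the code change with a database account that has only the privileges readenq.php needs, so a missed injection point elsewhere cannot reach other tables.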

Access Restriction

all

Restrict access to the vulnerable admin endpoint using IP whitelisting or additional authentication layers.

Add .htaccess rules to restrict the /admin/ directory to specific IPs or implement additional MFA.

🧯 If You Can't Patch

  • Implement a Web Application Firewall (WAF) with SQL injection rules
  • Isolate the system on a segmented network with strict access controls

🔍 How to Verify

Check if Vulnerable:

Review the /admin/readenq.php file for unsanitized delid parameter usage in SQL queries.

Check Version:

Check the software version in the system configuration or about page.

Verify Fix Applied:

Test the delid parameter with SQL injection payloads to confirm proper input validation is in place.

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL queries in database logs
  • Multiple failed login attempts to admin panel
  • Suspicious delid parameter values in web server logs

Network Indicators:

  • SQL injection payloads in HTTP requests to /admin/readenq.php
  • Unusual database connection patterns

SIEM Query:

source="web_server" AND uri="/admin/readenq.php" AND (delid CONTAINS "'" OR delid CONTAINS "--" OR delid CONTAINS "UNION")
