CVE-2025-2380

7.3 HIGH

📋 TL;DR

This high-severity SQL injection vulnerability in PHPGurukul Apartment Visitors Management System 1.0 lets an attacker alter database queries through the mobilenumber parameter of /admin-profile.php, the admin's own profile-edit page. Because the value is placed into the SQL statement as text rather than bound as data, a remote attacker with access to that page can read, modify or delete visitor and apartment-management data. All deployments of the vulnerable version are affected.

💻 Affected Systems

Products:
  • PHPGurukul Apartment Visitors Management System
Versions: 1.0
Operating Systems: Any OS running PHP
Default Config Vulnerable: ⚠️ Yes
Notes: Requires PHP environment with database backend. The /admin-profile.php file must be accessible.

📦 What is this software?

A PHP web application from PHPGurukul, backed by a MySQL-compatible database, for recording and managing visitors to an apartment complex. It ships with an admin panel; /admin-profile.php is the page on which the logged-in administrator edits their own details, including the mobile number that carries this injection.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete database compromise: theft or destruction of every table the application's database account can reach. If that account also holds MySQL's FILE privilege and the web root is writable, the injection can write a web shell via SELECT ... INTO OUTFILE and escalate to full system takeover.

🟠

Likely Case

Unauthorized reading or modification of visitor records and admin account details, exposing residents' and visitors' personal data and allowing a legitimate administrator to be locked out.

🟢

If Mitigated

Limited impact: with allow-list validation on the parameter, prepared statements and a least-privilege database account, injection attempts fail and at worst leak an error message.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploit details are publicly disclosed. /admin-profile.php is part of the admin panel, so the attacker needs an admin session (stolen cookie, weak credentials, or a bypass of the session check); once on the page, the injection itself is a single crafted mobile number.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Not specified

Vendor Advisory: https://phpgurukul.com/

Restart Required: No

Instructions:

No fixed release is identified on this page. Check the vendor site for an updated download; if none is available, fix /admin-profile.php yourself by validating the mobilenumber value and rewriting the query as a prepared statement, and apply the workarounds below in the meantime.

🔧 Temporary Workarounds

Input Validation and Sanitization

Platform: all

Treat mobilenumber as untrusted: reject anything that is not a plain digit string before it reaches the query, and pass the value to the database through a prepared statement (mysqli or PDO with bound parameters) instead of concatenating it into SQL text. Validation alone is a stopgap; the prepared statement is what actually closes the bug.
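The pattern behind this bug next to the fix described above, as an added example (not PHPGurukul's code): the table and column names (tbladmin, MobileNumber, ID), the $con connection and the session key 'adminid' are assumptions for illustration and must be mapped onto the real admin-profile.php before reuse.

```php
<?php
// Added example, not the vendor's code. Names below (tbladmin, MobileNumber,
// ID, $con, 'adminid') are assumed for illustration.

// --- Vulnerable pattern: the request value becomes part of the SQL text.
function buildVulnerableSql(int $adminId, string $mobile): string
{
    return "UPDATE tbladmin SET MobileNumber='$mobile' WHERE ID='$adminId'";
}

function updateProfileVulnerable(mysqli $con, int $adminId, string $mobile): bool
{
    // mobilenumber=0' OR '1'='1 yields
    //   UPDATE tbladmin SET MobileNumber='0' OR '1'='1' WHERE ID='1'
    // which MySQL accepts: the attacker's text is parsed as SQL, not stored as data.
    return $con->query(buildVulnerableSql($adminId, $mobile)) !== false;
}

// --- Hardened: allow-list the value, then bind it so it can only ever be data.
function isValidMobile(string $mobile): bool
{
    // Digits only, 7 to 15 characters (E.164 upper bound); nothing else passes.
    return preg_match('/^[0-9]{7,15}$/', $mobile) === 1;
}

function updateProfileSafe(mysqli $con, int $adminId, string $mobile): bool
{
    if (!isValidMobile($mobile)) {
        return false;                      // reject; do not "clean up" and continue
    }
    $stmt = $con->prepare('UPDATE tbladmin SET MobileNumber=? WHERE ID=?');
    if ($stmt === false) {
        return false;
    }
    $stmt->bind_param('si', $mobile, $adminId);   // s = string, i = int
    $ok = $stmt->execute();
    $stmt->close();
    return $ok;
}

// Call site in admin-profile.php (session key assumed):
// if (isset($_POST['submit'])) {
//     $ok = updateProfileSafe($con, (int) $_SESSION['adminid'], $_POST['mobilenumber'] ?? '');
// }
```

Even with the prepared statement in place, keep the allow-list check: it stops junk from being stored and gives a clean rejection path instead of relying on the database to refuse the value.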

Web Application Firewall (WAF)

Platform: all

Put a WAF in front of the application with a generic SQL injection rule set (for example the OWASP ModSecurity Core Rule Set) and a targeted rule that rejects any request to /admin-profile.php whose mobilenumber value is not purely numeric. Run new rules in detection mode first to catch false positives, then switch to blocking. A WAF reduces exposure but does not fix the code; it is a bridge until the query is parameterized.

🧯 If You Can't Patch

  • Restrict access to /admin-profile.php, and ideally the whole admin panel, to authorized administrators: require the session check to be enforced on the page and limit reachability to a VPN or an IP allow-list
  • Run the application's database user with least privilege (no FILE, DROP or GRANT) so a successful injection cannot write files to disk or destroy other schemas
  • Implement network segmentation to isolate the management system from critical infrastructure

🔍 How to Verify

Check if Vulnerable:

With an authorized admin session, submit the profile form twice with the mobile number followed by a lone single quote and then by a doubled single quote. A lone quote breaks the statement while a doubled quote is valid SQL, so an injectable page answers the two differently (an error, a different status code, or one update succeeding and the other failing); a validated or parameterized page handles both the same way.

Check Version:

Check system documentation or about page for version information

Verify Fix Applied:

Repeat the same lone-quote / doubled-quote probe after patching: both requests should be rejected identically by validation (or stored identically by the prepared statement), with no SQL error text in the response and no 500 in the access log.
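The lone-quote versus doubled-quote probe from the verification steps above, as an added example that is not part of the advisory or the vendor's code. It assumes the profile form is submitted by POST, that the admin session is a PHPSESSID cookie obtained by logging in, and that the submit field is named 'submit'; on an unpatched system the doubled-quote probe is valid SQL and gets stored as the mobile number, so the script restores a clean value afterwards. Use it only against systems you are authorized to test.

```php
<?php
// Added example, not from the advisory. POST form, PHPSESSID cookie and the
// 'submit' field name are assumptions; adjust to the real form.

function postProfile(string $base, string $session, string $mobile): ?array
{
    $ch = curl_init($base . '/admin-profile.php');
    curl_setopt_array($ch, [
        CURLOPT_POST           => true,
        CURLOPT_POSTFIELDS     => http_build_query([
            'mobilenumber' => $mobile,
            'submit'       => 'Update',          // assumed button name
        ]),
        CURLOPT_COOKIE         => 'PHPSESSID=' . $session,
        CURLOPT_RETURNTRANSFER => true,
        CURLOPT_TIMEOUT        => 15,
    ]);
    $body   = curl_exec($ch);
    $status = (int) curl_getinfo($ch, CURLINFO_RESPONSE_CODE);
    curl_close($ch);
    return $body === false ? null : ['status' => $status, 'body' => $body];
}

// Strip the echoed probe value so a page that merely re-displays the submitted
// number does not look different for the two probes.
function normalise(array $resp, string $sent): string
{
    return str_replace([$sent, htmlspecialchars($sent)], '', $resp['body']);
}

function classify(?array $single, string $sentSingle, ?array $doubled, string $sentDoubled): string
{
    if ($single === null || $doubled === null) {
        return 'inconclusive: request failed';
    }
    // Verbose MySQL error text in the response is proof on its own.
    if (preg_match('/You have an error in your SQL syntax|mysqli_/i', $single['body'])) {
        return 'vulnerable: SQL error text returned for a lone quote';
    }
    // A lone quote breaks the statement; a doubled quote is an escaped literal,
    // so only an injectable page treats the two differently.
    if ($single['status'] !== $doubled['status']
        || normalise($single, $sentSingle) !== normalise($doubled, $sentDoubled)) {
        return 'likely vulnerable: lone quote and doubled quote behave differently';
    }
    return 'not confirmed: both probes handled identically (fixed, validated or WAF-blocked)';
}

function probe(string $base, string $session): string
{
    $clean   = '9999999999';
    $sSingle = $clean . "'";
    $sDouble = $clean . "''";
    $single  = postProfile($base, $session, $sSingle);
    $doubled = postProfile($base, $session, $sDouble);
    $verdict = classify($single, $sSingle, $doubled, $sDouble);
    postProfile($base, $session, $clean);    // restore a valid mobile number
    return $verdict;
}

// Usage: php probe.php https://avms.example.internal <PHPSESSID value>
if (PHP_SAPI === 'cli' && isset($argv[2])) {
    echo probe(rtrim($argv[1], '/'), $argv[2]), PHP_EOL;
}
```

A "not confirmed" result after patching is the expected outcome for "Verify Fix Applied"; a "likely vulnerable" result on a system you believe is patched usually means the form still reaches a second, unpatched query path.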

📡 Detection & Monitoring

Log Indicators:

  • Database error text (e.g. MySQL syntax errors) in application or PHP error logs tied to requests for /admin-profile.php
  • HTTP 500 responses for /admin-profile.php in the web server access log, especially several in a short burst from one client
  • Failed admin-panel logins shortly before profile-edit requests from the same client, suggesting a compromised or brute-forced admin session
  • Admin profile fields (mobile number in particular) containing quotes, SQL keywords or comment sequences

Network Indicators:

  • Requests to /admin-profile.php from non-browser User-Agents or at machine speed
  • Quotes, comment sequences (--, /*) or SQL keywords (UNION, SELECT, SLEEP) in the mobilenumber value where it is visible to inspection

SIEM Query:

source="web_logs" uri_path="/admin-profile.php" (status=500 OR uri_query="*'*" OR uri_query="*%27*" OR uri_query="*UNION*" OR uri_query="*SLEEP(*")

Splunk-style; the field names uri_path, uri_query and status are illustrative and must be mapped to your log schema. If the profile form is submitted by POST (typical for this kind of page), the payload never appears in access-log fields; pair this query with WAF or ModSecurity audit logs that record the request body.
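The detection logic above run over sample access-log lines, as an added example that is not part of the advisory. The log lines are constructed for illustration; the script flags injection patterns in a mobilenumber query-string value and bursts of HTTP 500 on /admin-profile.php, and notes that POST bodies are not visible in this log source.

```php
<?php
// Added example, not from the advisory. SAMPLE_LOG is constructed data in
// Apache/Nginx combined format. POST bodies are not in access logs, so only
// query-string payloads are matched directly; 500 bursts are a weaker signal.

const SAMPLE_LOG = <<<LOG
203.0.113.5 - - [10/Mar/2025:10:01:02 +0000] "POST /admin-profile.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.5 - - [10/Mar/2025:10:01:09 +0000] "GET /admin-profile.php?mobilenumber=9999999999%27 HTTP/1.1" 500 312 "-" "python-requests/2.31"
203.0.113.5 - - [10/Mar/2025:10:01:11 +0000] "GET /admin-profile.php?mobilenumber=1%27%20OR%20%271%27%3D%271 HTTP/1.1" 200 5120 "-" "python-requests/2.31"
198.51.100.7 - - [10/Mar/2025:10:02:30 +0000] "GET /admin-profile.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.5 - - [10/Mar/2025:10:02:31 +0000] "POST /admin-profile.php HTTP/1.1" 500 312 "-" "python-requests/2.31"
203.0.113.5 - - [10/Mar/2025:10:02:32 +0000] "POST /admin-profile.php HTTP/1.1" 500 312 "-" "python-requests/2.31"
LOG;

// ip, timestamp, method, request target, status
const LOG_RE  = '/^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3}) /';
// quote, SQL comment, or common keywords/functions used in injection
const SQLI_RE = '/(\'|--|\/\*|\bunion\b|\bselect\b|\bsleep\s*\(|\bor\b\s+[\'"\d])/i';

function scanAccessLog(string $log, int $errorBurst = 2): array
{
    $findings   = [];
    $errorsByIp = [];
    foreach (preg_split('/\R/', trim($log)) as $line) {
        if (!preg_match(LOG_RE, $line, $m)) {
            continue;
        }
        [, $ip, $ts, $method, $target, $status] = $m;
        if (parse_url($target, PHP_URL_PATH) !== '/admin-profile.php') {
            continue;
        }
        parse_str(parse_url($target, PHP_URL_QUERY) ?? '', $params);
        $mobile = $params['mobilenumber'] ?? '';      // parse_str URL-decodes
        if ($mobile !== '' && preg_match(SQLI_RE, $mobile)) {
            $findings[] = ['ip' => $ip, 'time' => $ts,
                'reason' => "$method with SQLi pattern in mobilenumber", 'value' => $mobile];
        }
        if ((int) $status === 500) {
            $errorsByIp[$ip] = ($errorsByIp[$ip] ?? 0) + 1;
        }
    }
    foreach ($errorsByIp as $ip => $n) {
        if ($n >= $errorBurst) {
            $findings[] = ['ip' => $ip, 'time' => '-',
                'reason' => "$n HTTP 500s on /admin-profile.php (POST bodies not logged; check WAF audit log)",
                'value' => ''];
        }
    }
    return $findings;
}

foreach (scanAccessLog(SAMPLE_LOG) as $f) {
    printf("%-14s %-28s %s %s\n", $f['ip'], $f['time'], $f['reason'], $f['value']);
}
```

On the sample data this reports the two GET requests carrying a quote in mobilenumber and the three 500s from 203.0.113.5; the benign GET from 198.51.100.7 produces nothing.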

🔗 References