CVE-2025-25355 – A SQL injection vulnerability in PHPGurukul Lan... (How to Fix)

Q: What is the severity of CVE-2025-25355?

CVE-2025-25355 has a CVSS score of 7.2 (HIGH). A SQL injection vulnerability in PHPGurukul Land Record System v1.0 allows remote attackers to execute arbitrary SQL commands via the 'fromdate' parameter in the admin interface. This could lead to unauthorized data access, modification, or deletion. Organizations using this specific version of the land record system are affected.

📋 TL;DR

A SQL injection vulnerability in PHPGurukul Land Record System v1.0 allows remote attackers to execute arbitrary SQL commands via the 'fromdate' parameter in the admin interface. This could lead to unauthorized data access, modification, or deletion. Organizations using this specific version of the land record system are affected.

💻 Affected Systems

Products:

PHPGurukul Land Record System

Versions: v1.0

Operating Systems: Any OS running PHP

Default Config Vulnerable: ⚠️ Yes

Notes: Requires access to /admin/bwdates-reports-details.php endpoint

📦 What is this software?

Land Record System by Phpgurukul

View all CVEs affecting Land Record System →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete database compromise leading to data theft, data destruction, or full system takeover via SQL injection to RCE chain.

🟠

Likely Case

Unauthorized access to sensitive land record data, potential data manipulation or exfiltration.

🟢

If Mitigated

Limited impact with proper input validation and database permissions restricting damage scope.

🌐 Internet-Facing: HIGH

🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: LOW

Proof of concept available in GitHub repository, requires admin access to exploit

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Not available

Vendor Advisory: Not available

Restart Required: No

Instructions:

No official patch available. Implement input validation and parameterized queries in /admin/bwdates-reports-details.php

🔧 Temporary Workarounds

Input Validation and Sanitization

all

Add server-side validation for the fromdate parameter to only accept valid date formats

Web Application Firewall Rules

all

Implement WAF rules to block SQL injection patterns in POST parameters

🧯 If You Can't Patch

Restrict access to /admin/bwdates-reports-details.php endpoint using IP whitelisting
Implement database user with minimal permissions (read-only if possible)

🔍 How to Verify

Check if Vulnerable:

Test the fromdate parameter with SQL injection payloads like ' OR '1'='1

Check Version:

Check PHPGurukul Land Record System version in admin panel or configuration files

Verify Fix Applied:

Verify that SQL injection payloads no longer execute and return error messages

📡 Detection & Monitoring

Log Indicators:

Unusual SQL queries in database logs
Multiple failed login attempts to admin interface
Suspicious POST requests to /admin/bwdates-reports-details.php

Network Indicators:

SQL keywords in POST parameters
Unusual database connection patterns from web server

SIEM Query:

source="web_logs" AND uri="/admin/bwdates-reports-details.php" AND (POST_param="fromdate" AND value CONTAINS "' OR" OR value CONTAINS "UNION" OR value CONTAINS "SELECT")

📊 Metadata

CVE ID: CVE-2025-25355

CVSS v3 Score: 7.2 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-89

EPSS Score: 0.7% exploit probability (71.6th percentile)

Published: February 13, 2025

Last Updated: February 14, 2025

🔗 References

https://github.com/Santoshcyber1/CVE-wirteup/blob/main/Phpgurukul/Land%20record/SQL%20Injection%20fromdate.pdf Exploit,Third Party Advisory
https://github.com/Santoshcyber1/CVE-wirteup/blob/main/Phpgurukul/Land%20record/SQL%20Injection%20fromdate.pdf Exploit,Third Party Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-25355, you might also want to check these: