CVE-2025-6319

6.3 MEDIUM

📋 TL;DR

A critical SQL injection vulnerability exists in PHPGurukul Pre-School Enrollment System 1.0, specifically in the /admin/add-teacher.php file's tsubject parameter. This allows remote attackers to execute arbitrary SQL commands on the database. Organizations using this software are affected.

💻 Affected Systems

Products:
  • PHPGurukul Pre-School Enrollment System
Versions: 1.0
Operating Systems: Any OS running PHP and a compatible database (likely MySQL/MariaDB)
Default Config Vulnerable: ⚠️ Yes
Notes: Requires the /admin/add-teacher.php endpoint to be accessible, which is part of the admin interface.

⚠️ Risk & Real-World Impact

🔴 Worst Case
Complete database compromise leading to data theft, data manipulation, or full system takeover by chaining the SQL injection into remote code execution.

🟠 Likely Case
Unauthorized access to sensitive student, teacher, and administrative data, including personal information and system credentials.

🟢 If Mitigated
Limited impact: proper input validation and restricted database permissions confine any damage to the affected table.

🌐 Internet-Facing: HIGH - The vulnerability is remotely exploitable and affects a web application component.
🏢 Internal Only: MEDIUM - If the system is only internally accessible, risk is reduced but still significant due to potential insider threats or network breaches.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploit details are publicly disclosed on GitHub, making it easy for attackers to weaponize them. Exploitation likely requires admin authentication to reach the vulnerable endpoint.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://phpgurukul.com/

Restart Required: No

Instructions:

No official patch is available. Check the vendor website for updates or consider alternative software.

🔧 Temporary Workarounds

Input Validation and Sanitization


Implement strict input validation and parameterized queries for the tsubject parameter in add-teacher.php.

Modify the PHP code to use prepared statements:

  $stmt = $conn->prepare('INSERT INTO teachers (tsubject) VALUES (?)');
  $stmt->bind_param('s', $tsubject);
  $stmt->execute();
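As an added example (not code from the PHPGurukul project), a hardened version of the insert described above: an allow-list check on tsubject followed by the mysqli prepared statement. The teachers table, the tsubject column and $conn follow the snippet above; the function names, the allow-list pattern and the response handling are assumptions.

```php
<?php
// Added example, not code from PHPGurukul Pre-School Enrollment System.
// Assumes a mysqli connection in $conn and a `teachers` table with a
// `tsubject` column, as in the snippet above; everything else is illustrative.
declare(strict_types=1);

// Make mysqli throw exceptions instead of silently returning false.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

// Allow-list check for the subject name (letters, digits, space, . , & ' / -
// up to 100 characters; the pattern is an assumed policy, not the vendor's).
// The apostrophe is allowed on purpose: once bound as a parameter it is data.
function validateSubject(string $raw): ?string
{
    $value = trim($raw);
    if ($value === '' || mb_strlen($value) > 100) {
        return null;
    }
    return preg_match('/^[\p{L}\p{N} .,&\'\/-]+$/u', $value) === 1 ? $value : null;
}

// Parameterized insert: the value is bound as data, so quotes or SQL keywords
// in it can never change the statement's structure (the weakness behind
// CVE-2025-6319). Returns the number of rows written.
function addTeacherSubject(mysqli $conn, string $tsubject): int
{
    $stmt = $conn->prepare('INSERT INTO teachers (tsubject) VALUES (?)');
    $stmt->bind_param('s', $tsubject);
    $stmt->execute();
    return $stmt->affected_rows;
}

// Request handling: reject malformed input before it reaches the database.
$subject = validateSubject((string)($_POST['tsubject'] ?? ''));
if ($subject === null) {
    http_response_code(400);
    exit('Invalid subject name.');
}

try {
    addTeacherSubject($conn, $subject);
    echo 'Teacher subject added.';
} catch (mysqli_sql_exception $e) {
    // Log server-side only: verbose database errors returned to the client
    // are exactly the signal the "How to Verify" probe below looks for.
    error_log('add-teacher insert failed: ' . $e->getMessage());
    http_response_code(500);
    exit('Could not save the record.');
}
```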

Web Application Firewall (WAF)


Deploy a WAF to block SQL injection attempts targeting the /admin/add-teacher.php endpoint.

Configure WAF rules to detect and block SQL patterns in POST parameters, e.g., using ModSecurity with OWASP CRS.

🧯 If You Can't Patch

  • Disable or restrict access to the /admin/add-teacher.php endpoint using network ACLs or authentication hardening.
  • Implement database-level controls such as least privilege accounts and regular auditing of SQL logs.

🔍 How to Verify

Check if Vulnerable:

Test the /admin/add-teacher.php endpoint with SQL injection payloads in the tsubject parameter (e.g., ' OR '1'='1) and observe database errors or unexpected behavior.

Check Version:

Check the software version in the admin panel or via file metadata; no standard command exists because this is a custom web application.

Verify Fix Applied:

After applying workarounds, retest with SQL injection payloads to ensure no database errors or unauthorized data access occurs.

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL queries in database logs from the web server IP, especially involving the teachers table or tsubject parameter.
  • HTTP POST requests to /admin/add-teacher.php with suspicious characters like quotes, semicolons, or SQL keywords in parameters.

Network Indicators:

  • HTTP traffic to /admin/add-teacher.php containing SQL injection patterns in POST data.

SIEM Query:

source="web_logs" AND url="/admin/add-teacher.php" AND (post_data LIKE "%' OR '%" OR post_data LIKE "% UNION %" OR post_data LIKE "%SELECT %")

These patterns match only unencoded payloads, so URL-decode the POST body before applying the query, and tune for false positives from legitimate subject names that happen to contain these words.
