
CVE-2025-45947: n/a in n/a

Severity: Critical
Vulnerability: CVE-2025-45947
Published: Mon Apr 28 2025 (04/28/2025, 00:00:00 UTC)
Source: CVE
Vendor/Project: n/a
Product: n/a

Description

An issue in phpgurukul Online Banquet Booking System V1.2 allows an attacker to execute arbitrary code via the /obbs/change-password.php file of the My Account - Change Password component.

AI-Powered Analysis

Last updated: 06/22/2025, 09:34:53 UTC

Technical Analysis

CVE-2025-45947 is a critical remote code execution (RCE) vulnerability identified in the phpgurukul Online Banquet Booking System version 1.2. The vulnerability exists specifically in the /obbs/change-password.php file, which is part of the 'My Account - Change Password' functionality. This flaw is categorized under CWE-94, indicating that it is related to improper control of code generation, commonly known as code injection or unsafe evaluation of user input. An attacker can exploit this vulnerability remotely without any authentication or user interaction, as indicated by the CVSS vector (AV:N/AC:L/PR:N/UI:N). The vulnerability allows an attacker to execute arbitrary code on the affected server, potentially leading to full system compromise. The CVSS score of 9.8 (critical) reflects the high impact on confidentiality, integrity, and availability, as the attacker can fully control the system, steal sensitive data, modify or delete information, and disrupt services. No patches or vendor mitigations have been published yet, and no known exploits are currently observed in the wild. However, given the severity and ease of exploitation, this vulnerability poses a significant threat to any organization using this software, especially those exposing the vulnerable component to the internet.

Potential Impact

For European organizations using the phpgurukul Online Banquet Booking System, this vulnerability represents a severe risk. Successful exploitation could lead to unauthorized access to sensitive customer and business data, disruption of booking services, and potential lateral movement within the network. This could result in financial losses, reputational damage, and regulatory penalties under GDPR due to data breaches. The ability to execute arbitrary code remotely without authentication means attackers can deploy malware, ransomware, or establish persistent backdoors. Organizations in the hospitality and event management sectors, which rely on such booking systems, are particularly vulnerable. Additionally, if the compromised system is integrated with payment processing or customer relationship management systems, the impact could extend beyond the booking platform itself.

Mitigation Recommendations

1. Immediately isolate any systems running phpgurukul Online Banquet Booking System version 1.2 from public networks until a patch or official fix is available.
2. Implement strict network segmentation and firewall rules to restrict access to the /obbs/change-password.php endpoint, allowing only trusted internal IPs if possible.
3. Employ Web Application Firewalls (WAFs) with custom rules to detect and block suspicious payloads targeting code injection patterns in the change-password functionality.
4. Conduct thorough code reviews and input validation enhancements on the affected component to sanitize and validate all user inputs rigorously, preventing code injection.
5. Monitor logs for unusual activity, especially unexpected POST requests to the change-password.php file, and set up alerts for potential exploitation attempts.
6. Prepare incident response plans specifically addressing potential exploitation scenarios of this vulnerability.
7. Engage with the vendor or community to obtain patches or updates as soon as they become available and prioritize their deployment.
8. Consider temporary alternative booking solutions or manual processes to reduce reliance on the vulnerable system until remediation is complete.
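As an added illustration of recommendations 2 and 5 (not part of the advisory or the vendor's code), the script below scans web-server access logs in combined format and flags POST requests to /obbs/change-password.php that do not come from an allowlisted internal range. The trusted networks and the sample log lines are constructed for the example.

```python
import re
from ipaddress import ip_address, ip_network

# Apache/Nginx "combined" access log line (assumption: the server logs in this format).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+'
)

WATCHED_PATH = "/obbs/change-password.php"  # endpoint named in the advisory
# Constructed allowlist standing in for recommendation 2 (trusted internal IPs only).
TRUSTED_NETS = [ip_network("10.0.0.0/8"), ip_network("192.168.0.0/16")]


def is_trusted(ip: str) -> bool:
    """True if the source address falls inside an allowlisted internal range."""
    try:
        addr = ip_address(ip)
    except ValueError:  # malformed address field: treat as untrusted
        return False
    return any(addr in net for net in TRUSTED_NETS)


def flag_requests(lines):
    """Return (ip, timestamp, status) for every POST to the watched path from an untrusted source."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        path = m.group("path").split("?", 1)[0]  # ignore any query string
        if m.group("method") == "POST" and path == WATCHED_PATH and not is_trusted(m.group("ip")):
            hits.append((m.group("ip"), m.group("ts"), int(m.group("status"))))
    return hits


def count_by_source(hits):
    """Aggregate flagged requests per source IP, a simple basis for an alert threshold."""
    counts = {}
    for ip, _, _ in hits:
        counts[ip] = counts.get(ip, 0) + 1
    return counts


# Constructed sample log lines (documentation-range addresses, not real traffic).
SAMPLE_LOG = [
    '203.0.113.5 - - [28/Apr/2025:10:01:02 +0000] "POST /obbs/change-password.php HTTP/1.1" 200 512 "-" "curl/8.0"',
    '203.0.113.5 - - [28/Apr/2025:10:01:09 +0000] "POST /obbs/change-password.php?x=1 HTTP/1.1" 500 0 "-" "curl/8.0"',
    '192.168.1.20 - - [28/Apr/2025:10:02:00 +0000] "POST /obbs/change-password.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [28/Apr/2025:10:03:00 +0000] "GET /obbs/change-password.php HTTP/1.1" 200 2048 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for ip, ts, status in flag_requests(SAMPLE_LOG):
        print(f"ALERT {ts} external POST to {WATCHED_PATH} from {ip} (status {status})")
```

Only the two external POSTs are flagged; the internal POST and the external GET are not.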


Technical Details

Data Version: 5.1
Assigner Short Name: mitre
Date Reserved: 2025-04-22T00:00:00.000Z
CISA Enriched: true
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 682d983dc4522896dcbef018

Added to database: 5/21/2025, 9:09:17 AM

Last enriched: 6/22/2025, 9:34:53 AM

Last updated: 7/27/2025, 3:08:03 AM
