CVE-2025-5374: SQL Injection in PHPGurukul Online Birth Certificate System

Severity: Medium
Published: Sat May 31 2025 (05/31/2025, 10:00:09 UTC)
Source: CVE Database V5
Vendor/Project: PHPGurukul
Product: Online Birth Certificate System

Description

A vulnerability was found in PHPGurukul Online Birth Certificate System 2.0 and classified as critical. This issue affects some unknown processing of the file /admin/all-applications.php. The manipulation of the argument del leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

AI-Powered Analysis

Last updated: 07/08/2025, 13:27:38 UTC

Technical Analysis

CVE-2025-5374 is a SQL injection vulnerability in version 2.0 of the PHPGurukul Online Birth Certificate System, in the file /admin/all-applications.php. The 'del' request parameter is used in a SQL statement without adequate validation or parameterisation, so a remote attacker who controls its value can alter the query the database executes. Note the location and the vector: the file sits under /admin, and the CVSS 4.0 vector records PR:L (low privileges required), so the realistic precondition is a logged-in account rather than an unauthenticated request; no user interaction is needed. Successful exploitation gives the attacker influence over the backend database, allowing records about birth certificate applications to be read, modified or deleted, depending on the statement the parameter reaches. The vulnerability is rated medium with a CVSS 4.0 base score of 5.3: the attack vector is network-based and requires no user interaction, but it requires low privileges and has limited impact on confidentiality, integrity and availability. A public exploit has been disclosed, which increases the likelihood of opportunistic attacks, although no exploitation in the wild has been reported. No vendor patch or mitigation guidance is available, so organisations must rely on compensating controls.
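As an added example, not code from this page or from PHPGurukul, the following Python script models the bug class described above using an in-memory SQLite table. The vendor's PHP/MySQL query is not shown on the page, so the table name tblapplication, the column ID and the assumption that 'del' names a record to delete are constructed for illustration. The vulnerable function splices the parameter into the statement text, so a tautology payload removes every row; the hardened function validates the parameter as an integer and binds it, so the same payload is rejected and the statement structure cannot change.

```python
"""Model of the injection class behind CVE-2025-5374, using sqlite3 as a stand-in.

Added example. ASSUMPTIONS: the vendor's PHP/MySQL query is not on the page,
so the table `tblapplication`, the column `ID` and the idea that `del` names
a record to delete are constructed to illustrate the bug class.
"""
import re
import sqlite3

# Only a plain run of decimal digits is an acceptable record id (assumption).
ID_RE = re.compile(r"[0-9]+")


def fresh_db() -> sqlite3.Connection:
    """Return an in-memory database with three constructed application rows."""
    con = sqlite3.connect(":memory:")
    con.execute("CREATE TABLE tblapplication (ID INTEGER PRIMARY KEY, FullName TEXT)")
    con.executemany(
        "INSERT INTO tblapplication (ID, FullName) VALUES (?, ?)",
        [(1, "Applicant One"), (2, "Applicant Two"), (3, "Applicant Three")],
    )
    con.commit()
    return con


def row_count(con: sqlite3.Connection) -> int:
    return con.execute("SELECT COUNT(*) FROM tblapplication").fetchone()[0]


def delete_vulnerable(con: sqlite3.Connection, del_param: str) -> int:
    """Vulnerable pattern: the request parameter is spliced into the SQL text.

    A value such as  ' OR '1'='1  turns the WHERE clause into a tautology and
    the statement deletes every row. Returns the rows left afterwards.
    """
    sql = "DELETE FROM tblapplication WHERE ID='" + del_param + "'"
    con.execute(sql)
    con.commit()
    return row_count(con)


def delete_hardened(con: sqlite3.Connection, del_param: str) -> int:
    """Hardened pattern: validate the type, then bind the value as a parameter.

    Rejects anything that is not a decimal integer before the database sees it,
    and passes the id as a bound parameter so it can never alter the statement.
    Returns the rows left afterwards.
    """
    if not ID_RE.fullmatch(del_param):
        raise ValueError(f"rejected non-numeric del parameter: {del_param!r}")
    con.execute("DELETE FROM tblapplication WHERE ID=?", (int(del_param),))
    con.commit()
    return row_count(con)


def demo() -> dict:
    """Run both variants against a legitimate id and against an injection payload."""
    payload = "' OR '1'='1"
    results = {
        "vulnerable_legit": delete_vulnerable(fresh_db(), "2"),
        "vulnerable_payload": delete_vulnerable(fresh_db(), payload),
        "hardened_legit": delete_hardened(fresh_db(), "2"),
    }
    try:
        delete_hardened(fresh_db(), payload)
        results["hardened_payload"] = "accepted"
    except ValueError:
        results["hardened_payload"] = "rejected"
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The same tautology works against MySQL, which is what the PHP application uses; the PHP equivalent of the hardened function is a prepared statement (PDO or mysqli) with the id cast to int before binding.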

Potential Impact

For European organizations, especially government agencies or municipal offices responsible for civil registration and vital statistics, this vulnerability poses a significant risk. Exploitation could lead to unauthorized disclosure of personally identifiable information (PII) such as birth records, which are highly sensitive and protected under GDPR. Data integrity could also be compromised, potentially allowing attackers to alter official records, leading to legal and administrative complications. Availability impacts could disrupt the issuance of birth certificates, affecting citizens' access to essential services. The public disclosure of the vulnerability increases the likelihood of opportunistic attacks, which could target less-secure implementations of the system. Given the critical nature of birth certificate data and the trust placed in these systems, any breach could damage public trust and result in regulatory penalties for non-compliance with data protection laws.

Mitigation Recommendations

Organizations running PHPGurukul Online Birth Certificate System 2.0 should immediately check their installations for the /admin/all-applications.php endpoint. Since no official patch is available, the following compensating controls are recommended:

1) Fix the code where possible: replace string concatenation of the 'del' parameter with a prepared statement (PDO or mysqli with bound parameters) and validate or cast the value as an integer before it is used.
2) Add Web Application Firewall (WAF) rules that block requests to /admin/all-applications.php whose 'del' value is not a plain numeric ID, and that detect common SQL injection patterns in that parameter.
3) Restrict access to the /admin directory by IP allow-listing or VPN-only access, so the endpoint is not reachable from the open internet even for an attacker holding valid credentials.
4) Monitor web server and database logs for requests to this endpoint with non-numeric or percent-encoded 'del' values, and for unusual or failing queries that indicate injection attempts.
5) Plan to upgrade or replace the vulnerable system, or request a fix from the vendor.
6) Educate administrators about the risk and the signs of exploitation so that incidents are recognised and handled quickly.
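To illustrate the WAF and log-monitoring recommendations above, as an added example that is not a vendor rule or product signature, the following Python script scans access-log lines for requests to /admin/all-applications.php whose 'del' value is anything other than a run of digits, decoding percent-encoding a second time to catch double-encoded payloads. The log lines are constructed in combined log format, and the "digits only" rule is an assumption drawn from the mitigation advice rather than from the vendor's code; adjust it to the ids the deployment actually issues.

```python
"""Flag requests to /admin/all-applications.php whose `del` value is not a plain id.

Added example. The log lines are constructed in Apache/nginx combined format and
the rule (only a run of digits is a legitimate `del`) is an assumption drawn from
the mitigation advice, not from the vendor's code.
"""
import re
from urllib.parse import parse_qs, unquote, urlsplit

ENDPOINT = "/admin/all-applications.php"
ID_RE = re.compile(r"[0-9]+")
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[0-9.]+"')

# Constructed sample: one legitimate delete, one single-encoded tautology,
# one double-encoded payload and one unrelated admin page hit.
SAMPLE_LOG = [
    '203.0.113.10 - - [31/May/2025:10:00:01 +0000] "GET /admin/all-applications.php?del=17 HTTP/1.1" 302 0',
    '203.0.113.10 - - [31/May/2025:10:00:09 +0000] "GET /admin/all-applications.php?del=17%27%20OR%20%271%27%3D%271 HTTP/1.1" 200 5120',
    '198.51.100.7 - - [31/May/2025:10:00:15 +0000] "GET /admin/all-applications.php?del=%2527%2520OR%25201%253D1-- HTTP/1.1" 200 5120',
    '198.51.100.7 - - [31/May/2025:10:00:20 +0000] "GET /admin/dashboard.php HTTP/1.1" 200 2048',
]


def suspicious_del_values(target: str) -> list:
    """Return the decoded `del` values in a request target that are not plain ids.

    parse_qs already percent-decodes once; the extra unquote() catches
    double-encoded payloads that a single-pass filter would let through.
    """
    parts = urlsplit(target)
    if parts.path != ENDPOINT:
        return []
    values = parse_qs(parts.query, keep_blank_values=True).get("del", [])
    decoded = [unquote(v) for v in values]
    return [v for v in decoded if not ID_RE.fullmatch(v)]


def scan(lines) -> list:
    """Return (client_ip, [offending del values]) for every suspicious request line."""
    hits = []
    for line in lines:
        match = REQUEST_RE.search(line)
        if not match:
            continue
        bad = suspicious_del_values(match.group("target"))
        if bad:
            hits.append((line.split()[0], bad))
    return hits


if __name__ == "__main__":
    for ip, values in scan(SAMPLE_LOG):
        print(f"{ip}: suspicious del values {values}")
```

An allow-list on the value's shape is preferable to a deny-list of SQL keywords: it needs no knowledge of the payload and does not miss comment or case-variation tricks. The same positive rule can be expressed in a WAF as a regex on the query-string argument for this path.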

Technical Details

Data Version: 5.1
Assigner Short Name: VulDB
Date Reserved: 2025-05-30T11:23:34.569Z
CVSS Version: 4.0
State: PUBLISHED

Threat ID: 683ad652182aa0cae2db6abd

Added to database: 5/31/2025, 10:13:38 AM

Last enriched: 7/8/2025, 1:27:38 PM

Last updated: 8/12/2025, 1:18:38 AM
