CVE-2025-6320 is a SQL Injection vulnerability identified in version 1.0 of the PHPGurukul Pre-School Enrollment System, specifically within the /admin/add-class.php file. The vulnerability arises from improper sanitization or validation of the 'classname' parameter, which is directly used in SQL queries. This flaw allows an unauthenticated remote attacker to inject malicious SQL code by manipulating the 'classname' argument, potentially leading to unauthorized access to the backend database. The attack vector requires no user interaction and can be executed over the network without prior authentication, increasing the risk of exploitation. Although the CVSS 4.0 base score is 5.3 (medium severity), the vulnerability's critical classification by the vendor suggests that the impact could be significant if exploited in certain contexts. The vulnerability affects only version 1.0 of the product, and no official patches or fixes have been published yet. No known exploits are currently reported in the wild, but the exploit details have been publicly disclosed, which may facilitate future attacks. The vulnerability impacts confidentiality, integrity, and availability to a limited extent, as indicated by the CVSS vector, with low to medium impact on each security property. The scope is limited to the affected system, and no privilege escalation or scope change is indicated. The vulnerability is exploitable remotely without authentication or user interaction, which increases its risk profile despite the medium CVSS score.

For European organizations using the PHPGurukul Pre-School Enrollment System version 1.0, this vulnerability poses a risk of unauthorized database access, which could lead to leakage or manipulation of sensitive enrollment data, including personal information of children and parents. This could result in privacy violations under GDPR, reputational damage, and potential regulatory penalties. The SQL injection could also be leveraged to modify or delete enrollment records, disrupting school administrative operations and availability of services. Although the product targets pre-school enrollment, educational institutions and related administrative bodies in Europe that rely on this system could face operational disruptions. The medium CVSS score suggests moderate risk; however, the critical classification and public exploit disclosure increase the urgency for mitigation. The impact is more pronounced in organizations that have not implemented compensating controls such as web application firewalls or input validation layers. Since the vulnerability allows remote exploitation without authentication, attackers could automate attacks at scale, potentially affecting multiple institutions across Europe.

1. Immediate mitigation should include restricting access to the /admin/add-class.php endpoint to trusted IP addresses or VPNs to reduce exposure. 2. Implement web application firewalls (WAF) with rules specifically designed to detect and block SQL injection attempts targeting the 'classname' parameter. 3. Apply rigorous input validation and sanitization on all user-supplied data, especially the 'classname' parameter, using parameterized queries or prepared statements to prevent SQL injection. 4. If possible, upgrade or patch the PHPGurukul Pre-School Enrollment System to a version that addresses this vulnerability once available. 5. Conduct a thorough audit of database logs and application logs to detect any signs of exploitation attempts. 6. Educate administrative users about the risk and encourage monitoring for unusual activity. 7. As a longer-term measure, consider migrating to more secure and actively maintained enrollment management systems with robust security practices. 8. Regularly back up enrollment data and verify backup integrity to enable recovery in case of data tampering or loss.