CVE-2025-6322 is a SQL Injection vulnerability identified in version 1.0 of the PHPGurukul Pre-School Enrollment System, specifically within the /visit.php file. The vulnerability arises due to improper sanitization or validation of the 'gname' parameter, which an attacker can manipulate to inject malicious SQL code. This injection flaw allows an unauthenticated remote attacker to execute arbitrary SQL queries on the backend database without requiring any user interaction or privileges. The vulnerability is classified as medium severity with a CVSS 4.0 base score of 6.9, reflecting its potential to impact confidentiality, integrity, and availability to a limited extent. The attack vector is network-based (AV:N), with low attack complexity (AC:L), no privileges required (PR:N), and no user interaction needed (UI:N). The vulnerability does not affect system confidentiality, integrity, or availability in a complete manner but does have low impact on each (VC:L, VI:L, VA:L). The scope remains unchanged (S:U), and there is a proof-of-concept exploit publicly disclosed, although no known widespread exploitation has been reported. The lack of patches or mitigations currently available increases the risk for organizations using this software. Given that this system is used for pre-school enrollment, the database likely contains sensitive personal information about children and their families, making data confidentiality and integrity critical. Exploitation could lead to unauthorized data disclosure, data manipulation, or denial of service through database corruption or resource exhaustion. The vulnerability stems from a common web application security flaw—SQL Injection—highlighting the need for secure coding practices such as parameterized queries and input validation.

For European organizations using PHPGurukul Pre-School Enrollment System 1.0, this vulnerability poses a significant risk to the confidentiality and integrity of sensitive personal data related to children and their guardians. Exploitation could result in unauthorized access to enrollment records, potentially exposing personally identifiable information (PII) and violating data protection regulations such as GDPR. Data manipulation could disrupt enrollment processes, leading to operational disruptions and reputational damage. Although the vulnerability does not directly enable privilege escalation or system-wide compromise, the ability to execute arbitrary SQL commands remotely without authentication increases the attack surface considerably. The lack of patches means organizations remain exposed until mitigations are applied. Additionally, the public disclosure of the exploit code raises the likelihood of opportunistic attacks targeting vulnerable installations. Given the critical nature of educational data and the regulatory environment in Europe, exploitation could also result in legal and compliance consequences for affected entities.

Organizations should immediately conduct an inventory to identify any deployments of PHPGurukul Pre-School Enrollment System version 1.0. Since no official patches are currently available, the following specific mitigations are recommended: 1) Implement Web Application Firewall (WAF) rules to detect and block SQL injection attempts targeting the 'gname' parameter in /visit.php. 2) Apply input validation and sanitization at the application or proxy level to reject suspicious input patterns. 3) Restrict database user permissions to the minimum necessary, ensuring that the database account used by the application has limited privileges to reduce potential damage from injection attacks. 4) Monitor database query logs and web server logs for anomalous activity indicative of SQL injection attempts. 5) Where feasible, isolate the enrollment system behind network segmentation to limit exposure. 6) Plan for an upgrade or replacement of the vulnerable system with a version that addresses this vulnerability or an alternative solution. 7) Educate IT and security teams about this vulnerability and the importance of secure coding practices to prevent similar issues in future deployments.