A vulnerability classified as critical has been found in PHPGurukul Vehicle Parking Management System 1.13. Affected is an unknown function of the file /admin/view-outgoingvehicle-detail.php. The manipulation of the argument viewid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

CVE-2025-7484 is a SQL Injection vulnerability identified in version 1.13 of the PHPGurukul Vehicle Parking Management System, specifically within the /admin/view-outgoingvehicle-detail.php file. The vulnerability arises from improper sanitization or validation of the 'viewid' parameter, which is used in SQL queries. An attacker can remotely manipulate this parameter to inject malicious SQL code, potentially allowing unauthorized access to or manipulation of the backend database. The vulnerability does not require user interaction or authentication, making it remotely exploitable over the network. The CVSS 4.0 score is 5.3 (medium severity), reflecting that while the attack vector is network-based and does not require privileges or user interaction, the impact on confidentiality, integrity, and availability is limited to low levels. The vulnerability has been publicly disclosed, but no known exploits are currently active in the wild. The lack of a patch link suggests that no official fix has been released yet, increasing the urgency for mitigation. SQL Injection vulnerabilities can lead to data leakage, unauthorized data modification, or in some cases, full system compromise depending on the database permissions and application architecture. Given the affected component is an administrative interface, exploitation could allow attackers to access sensitive operational data related to vehicle parking management, potentially impacting business operations and privacy compliance.

CVE Database V5

Detailed information about CVE-2025-7484: SQL Injection in PHPGurukul Vehicle Parking Management System affecting PHPGurukul Vehicle Parking Management System. 

CVE-2025-7484: SQL Injection in PHPGurukul Vehicle Parking Management System - Live Threat Intelligence - Threat Radar | OffSeq.com

CVE-2025-7484: SQL Injection in PHPGurukul Vehicle Parking Management System

A vulnerability was found in PHPGurukul Vehicle Parking Management System 1.13. It has been rated as critical. This issue affects some unknown processing of the file /users/forgot-password.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

CVE-2025-7483 is a critical SQL Injection vulnerability identified in version 1.13 of the PHPGurukul Vehicle Parking Management System. The vulnerability resides in the /users/forgot-password.php script, specifically in the handling of the 'email' parameter. An attacker can manipulate this parameter to inject malicious SQL code, which the backend database executes. This flaw allows an unauthenticated remote attacker to potentially access, modify, or delete sensitive data within the database, bypass authentication mechanisms, or escalate privileges. The vulnerability does not require any user interaction or prior authentication, making it highly exploitable. Although the CVSS 4.0 score is 6.9 (medium severity), the nature of SQL Injection vulnerabilities often leads to significant impacts on confidentiality, integrity, and availability of data. The vulnerability has been publicly disclosed, increasing the risk of exploitation, but no known exploits in the wild have been reported yet. The absence of official patches or mitigation guidance from the vendor further elevates the risk for organizations using this software. Given that the affected component is part of a vehicle parking management system, the compromise could lead to unauthorized access to user credentials, parking records, and potentially manipulation of parking operations, which could disrupt services or lead to data breaches.

Detailed information about CVE-2025-7483: SQL Injection in PHPGurukul Vehicle Parking Management System affecting PHPGurukul Vehicle Parking Management System. 

CVE-2025-7483: SQL Injection in PHPGurukul Vehicle Parking Management System - Live Threat Intelligence - Threat Radar | OffSeq.com

CVE-2025-7483: SQL Injection in PHPGurukul Vehicle Parking Management System

A vulnerability was found in PHPGurukul Vehicle Parking Management System 1.13. It has been declared as critical. This vulnerability affects unknown code of the file /users/print.php. The manipulation of the argument vid leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

CVE-2025-7482 is a SQL Injection vulnerability identified in version 1.13 of the PHPGurukul Vehicle Parking Management System. The vulnerability resides in the /users/print.php file, specifically through the manipulation of the 'vid' parameter. An attacker can remotely exploit this flaw without requiring authentication or user interaction. By injecting malicious SQL code into the 'vid' parameter, the attacker can manipulate backend database queries, potentially extracting sensitive information, modifying data, or disrupting database operations. The vulnerability has been publicly disclosed, increasing the risk of exploitation, although no known exploits are currently observed in the wild. The CVSS 4.0 score is 5.3 (medium severity), reflecting a network attack vector with low complexity and no privileges or user interaction needed, but with limited impact on confidentiality, integrity, and availability. The vulnerability does not affect system components beyond the database query layer, and the scope is limited to the affected version 1.13 of the product. Given the nature of SQL injection, successful exploitation could lead to unauthorized data access or data corruption within the parking management system's database.

Detailed information about CVE-2025-7482: SQL Injection in PHPGurukul Vehicle Parking Management System affecting PHPGurukul Vehicle Parking Management System. 

CVE-2025-7482: SQL Injection in PHPGurukul Vehicle Parking Management System - Live Threat Intelligence - Threat Radar | OffSeq.com

CVE-2025-7482: SQL Injection in PHPGurukul Vehicle Parking Management System

A vulnerability was found in PHPGurukul Vehicle Parking Management System 1.13. It has been classified as critical. This affects an unknown part of the file /users/profile.php. The manipulation of the argument firstname leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.

CVE-2025-7481 is a SQL Injection vulnerability identified in version 1.13 of the PHPGurukul Vehicle Parking Management System. The vulnerability resides in the /users/profile.php file, specifically involving the 'firstname' parameter, which is susceptible to malicious input manipulation. This flaw allows an unauthenticated remote attacker to inject arbitrary SQL commands into the backend database queries. The injection occurs due to insufficient input validation or sanitization of the 'firstname' parameter, potentially enabling attackers to read, modify, or delete data within the database. Although the exact extent of affected parameters beyond 'firstname' is not fully known, the disclosure suggests other inputs might also be vulnerable. The vulnerability has been publicly disclosed, but no known exploits are currently observed in the wild. The CVSS 4.0 base score is 5.3, indicating a medium severity level, with attack vector being network-based, no user interaction required, and no privileges needed. The impact on confidentiality, integrity, and availability is limited but present, as the vulnerability could allow partial data leakage or unauthorized data manipulation. The vulnerability does not require authentication, increasing its risk profile. However, the lack of known active exploitation and limited scope of impact reduces the immediate criticality. The absence of official patches or mitigation guidance from the vendor at this time increases the risk for organizations using this system.

Detailed information about CVE-2025-7481: SQL Injection in PHPGurukul Vehicle Parking Management System affecting PHPGurukul Vehicle Parking Management System. 

CVE-2025-7481: SQL Injection in PHPGurukul Vehicle Parking Management System - Live Threat Intelligence - Threat Radar | OffSeq.com

CVE-2025-7481: SQL Injection in PHPGurukul Vehicle Parking Management System

A vulnerability classified as problematic was found in Open5GS up to 2.7.3. Affected by this vulnerability is the function ngap_recv_handler/s1ap_recv_handler/recv_handler of the component SCTP Partial Message Handler. The manipulation leads to reachable assertion. The attack needs to be approached locally. The patch is named cfa44575020f3fb045fd971358442053c8684d3d. It is recommended to apply a patch to fix this issue.

Detailed information about CVE-2025-7485: Reachable Assertion in Open5GS affecting null Open5GS. Get real-time updates, technical details, and mitigation strate

CVE-2025-7485: Reachable Assertion in Open5GS

CVE-2025-7485: Reachable Assertion in Open5GS

Description

Technical Details

Related Threats

CVE-2025-7484: SQL Injection in PHPGurukul Vehicle Parking Management System

CVE-2025-7483: SQL Injection in PHPGurukul Vehicle Parking Management System

CVE-2025-7482: SQL Injection in PHPGurukul Vehicle Parking Management System

CVE-2025-7481: SQL Injection in PHPGurukul Vehicle Parking Management System

CVE-2025-7480: SQL Injection in PHPGurukul Vehicle Parking Management System

Actions

External Links

Need enhanced features?

Latest Threats

Keyboard Shortcuts

Navigation

Search & Filters

UI Controls

Accessibility