CVE-2025-7560 is a SQL Injection vulnerability identified in version 1.2 of the PHPGurukul Online Fire Reporting System, specifically within the /admin/workin-progress-requests.php file. The vulnerability arises from improper sanitization or validation of the 'teamid' parameter, which is susceptible to malicious input manipulation. An attacker can remotely exploit this flaw by crafting specially designed requests that inject SQL commands via the 'teamid' argument, potentially allowing unauthorized access to or modification of the backend database. The vulnerability does not require user interaction but does require some level of privileges (PR:L) to exploit, indicating that the attacker must have limited privileges, possibly authenticated access, to initiate the attack. The CVSS 4.0 base score is 5.3, categorizing it as medium severity. The impact vector includes low confidentiality, integrity, and availability impacts, suggesting partial data exposure or modification rather than full system compromise. No patches or fixes have been published yet, and no known exploits are currently active in the wild, though the exploit details have been publicly disclosed, increasing the risk of future exploitation. The vulnerability affects a critical component of the system used for managing fire incident reports, which could lead to data integrity issues or unauthorized data disclosure if exploited.

For European organizations using the PHPGurukul Online Fire Reporting System 1.2, this vulnerability poses a risk to the confidentiality and integrity of sensitive fire incident data. Exploitation could allow attackers to manipulate or extract data related to fire incidents, response teams, and ongoing investigations, potentially undermining emergency response effectiveness and public safety. Data leakage could also expose personal or operational information, leading to privacy violations and regulatory non-compliance under GDPR. Although the vulnerability requires some privilege level, insider threats or compromised credentials could facilitate exploitation. The medium severity rating suggests limited but meaningful damage, especially in critical public safety infrastructures. Disruption or data tampering in fire reporting systems could delay emergency responses or misinform decision-makers, with potentially severe consequences. The lack of available patches necessitates immediate attention to prevent exploitation as exploit code is publicly available.

1. Immediate mitigation should involve restricting access to the /admin/workin-progress-requests.php endpoint to trusted and authenticated users only, employing strong authentication and role-based access controls to limit privilege levels. 2. Implement Web Application Firewall (WAF) rules specifically designed to detect and block SQL injection patterns targeting the 'teamid' parameter. 3. Conduct thorough input validation and sanitization on all user-supplied inputs, especially the 'teamid' parameter, using prepared statements or parameterized queries to prevent injection. 4. Monitor logs for unusual query patterns or repeated failed attempts targeting the vulnerable endpoint. 5. If possible, isolate the affected system from external networks or restrict network access until a patch or update is available. 6. Engage with PHPGurukul or the software vendor to obtain or request a security patch addressing this vulnerability. 7. Educate administrators and users about the risk and signs of exploitation to enhance detection and response capabilities.