VDB
CVE-2025-4014
CVE-2025-4014
PUBLISHED
CVSS 6.900000095367432 MEDIUM
A vulnerability was found in PHPGurukul Art Gallery Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/manage-art-medium.php. The manipulation of the argument artmed leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
EPSS 0.20% · 41.9th percentile
Risk Scores
CVSS 4.0
6.900000095367432
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
EPSS Score
0.20%
41.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| phpgurukul | art_gallery_management_system | 1.0 |
| PHPGurukul | Art Gallery Management System | 1.0 |
Exploit Intelligence
- CIRCL seen: CVE-2025-4014 (circl-sighting)
- CIRCL seen: CVE-2025-4014 (circl-sighting)
- VDB-306367 | PHPGurukul Art Gallery Management System manage-art-medium.php sql injection (circl)
- VDB-306367 | CTI Indicators (IOB, IOC, TTP, IOA) (circl)
- Submit #558350 | PHPGurukul Art Gallery Management System V1.0 SQL Injection (circl)
- https://phpgurukul.com/ (circl)
- https://github.com/ljfhhh/CVE/issues/2 (cve.org)
Timeline
- Apr 27, 2025 PoC Published
- Apr 28, 2025 EPSS Score
- Apr 28, 2025 CVE Published
- Apr 28, 2025 CVE Updated
- Apr 28, 2025 PoC Published
- May 10, 2025 EPSS Score
- May 15, 2025 Coalition ESS Score
- May 22, 2025 EPSS Score
- Jun 3, 2025 EPSS Score
- Jun 15, 2025 EPSS Score
- Jun 27, 2025 EPSS Score
- Jul 9, 2025 EPSS Score