VDB
CVE-2025-4030
CVE-2025-4030
PUBLISHED
CVSS 6.900000095367432 MEDIUM
A vulnerability was found in PHPGurukul COVID19 Testing Management System 1.0. It has been classified as critical. This affects an unknown part of the file /search-report-result.php. The manipulation of the argument serachdata leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
EPSS 0.21% · 43.7th percentile
Risk Scores
CVSS 4.0
6.900000095367432
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
EPSS Score
0.21%
43.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| phpgurukul | covid19_testing_management_system | 1.0 |
| PHPGurukul | COVID19 Testing Management System | 1.0 |
Exploit Intelligence
- CIRCL seen: CVE-2025-4030 (circl-sighting)
- CIRCL seen: CVE-2025-4030 (circl-sighting)
- VDB-306393 | PHPGurukul COVID19 Testing Management System search-report-result.php sql injection (circl)
- VDB-306393 | CTI Indicators (IOB, IOC, TTP, IOA) (circl)
- Submit #559199 | PHPGurukul Testing Management System V1.0 SQL Injection (circl)
- https://phpgurukul.com/ (circl)
- https://github.com/JunZ-Leo/CVE/issues/2 (cve.org)
Timeline
- Apr 28, 2025 CVE Published
- Apr 28, 2025 PoC Published
- Apr 28, 2025 PoC Published
- Apr 29, 2025 EPSS Score
- May 10, 2025 CVE Updated
- May 11, 2025 EPSS Score
- May 17, 2025 Coalition ESS Score
- May 22, 2025 Coalition ESS Score
- May 23, 2025 EPSS Score
- Jun 4, 2025 EPSS Score
- Jun 6, 2025 Coalition ESS Score
- Jun 16, 2025 EPSS Score
References
- VDB-306393 | PHPGurukul COVID19 Testing Management System search-report-result.php sql injection vdb
- VDB-306393 | CTI Indicators (IOB, IOC, TTP, IOA) url
- Submit #559199 | PHPGurukul Testing Management System V1.0 SQL Injection third-party-advisory
- https://github.com/JunZ-Leo/CVE/issues/2 exploit
- https://phpgurukul.com/ url
- https://nvd.nist.gov/vuln/detail/CVE-2025-4030 advisory
- https://phpgurukul.com url