VDB
CVE-2025-5783
CVE-2025-5783
PUBLISHED
CVSS 5.300000190734863 MEDIUM
A vulnerability, which was classified as critical, was found in PHPGurukul Employee Record Management System 1.3. This affects an unknown part of the file /editmyexp.php. The manipulation of the argument emp3workduration leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
EPSS 0.19% · 40.3th percentile
Risk Scores
CVSS 4.0
5.300000190734863
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
EPSS Score
0.19%
40.3th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| phpgurukul | employee_record_management_system | 1.3 |
| PHPGurukul | Employee Record Management System | 1.3 |
Exploit Intelligence
- VDB-311331 | PHPGurukul Employee Record Management System editmyexp.php sql injection (circl)
- VDB-311331 | CTI Indicators (IOB, IOC, TTP, IOA) (circl)
- Submit #591203 | PHPGurukul Employee Record Management System 1.3 SQL Injection (circl)
- https://phpgurukul.com/ (circl)
- https://github.com/f1rstb100d/myCVE/issues/58 (cve.org)
Timeline
- Jun 6, 2025 CVE Published
- Jun 6, 2025 CVE Updated
- Jun 7, 2025 EPSS Score
- Jun 18, 2025 EPSS Score
- Jun 28, 2025 EPSS Score
- Jul 9, 2025 EPSS Score
- Jul 19, 2025 EPSS Score
- Jul 30, 2025 EPSS Score
- Aug 10, 2025 EPSS Score
- Aug 20, 2025 EPSS Score
- Aug 31, 2025 EPSS Score
- Sep 10, 2025 EPSS Score
References
- VDB-311331 | PHPGurukul Employee Record Management System editmyexp.php sql injection vdb
- VDB-311331 | CTI Indicators (IOB, IOC, TTP, IOA) url
- Submit #591203 | PHPGurukul Employee Record Management System 1.3 SQL Injection third-party-advisory
- https://github.com/f1rstb100d/myCVE/issues/58 exploit
- https://phpgurukul.com/ url
- https://nvd.nist.gov/vuln/detail/CVE-2025-5783 advisory
- https://phpgurukul.com url