CNNVD-202512-164 Information

CNNVD ID

CNNVD-202512-164

Related CVE

CVE-2025-65379

• CNNVD Published: 2025-12-02

Description (Chinese)

PHPGurukul Billing System是PHPGurukul公司的一个计费系统。 PHPGurukul Billing System 1.0版本存在安全漏洞，该漏洞源于/admin/password-recovery.php中的username和mobileno参数未经验证，可能导致SQL注入攻击。

Description (English)

PHPGurukul Billing Systems is a billing system for PHPGurukul. PHPGurukul Billing System Version 1.0 contains a security loophole that originates from unverified parameters /admin/password-research.php username and mobileno, which may result in an injection attack by SQL.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

PHPGurukul

Published

2025-12-02

Last Modified

2026-02-24

References

https://github.com/dewcode91/security-research/blob/main/CVE-2025-65379.md https://phpgurukul.com/billing-system-using-php-and-mysql/ https://access.redhat.com/security/cve/cve-2025-65379