CVE-2025-4874 | PHPGurukul News Portal Project 4.1 /admin/contactus.php pagetitle sql injection

Inserito da Angelo Barbosa | Mag 16, 2025 | CVE

A vulnerability was found in PHPGurukul News Portal Project 4.1 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/contactus.php. The manipulation of the argument pagetitle leads to sql injection.

This vulnerability is handled as CVE-2025-4874. The attack may be launched remotely. Furthermore, there is an exploit available.

CVE-2025-4874 | PHPGurukul News Portal Project 4.1 /admin/contactus.php pagetitle sql injection

Post correlati

CVE-2024-0647 | Sparksuite SimpleMDE up to 1.11.2 iFrame cross site scripting

CVE-2024-36050 | NixOS Nix up to 2.22.1 Hash Cache code injection (Issue 969)

CVE-2024-50135 | Linux Kernel up to 6.6.58/6.11.5 nvme-pci drivers/pci/msi/api.c nvme_dev_disable race condition (4ed32cc0939b/b33e49a5f254/26bc0a81f64c)

CVE-2024-13008 | code-projects Responsive Hotel Site 1.0 /admin/newsletter.php eid sql injection