CVE-2025-10114 | PHPGurukul Small CRM 4.0 /profile.php Name sql injection

Inserito da Angelo Barbosa | Set 8, 2025 | CVE

A vulnerability was found in PHPGurukul Small CRM 4.0 and classified as critical. Affected by this issue is some unknown functionality of the file /profile.php. The manipulation of the argument Name results in sql injection.

This vulnerability is reported as CVE-2025-10114. The attack can be launched remotely. Moreover, an exploit is present.

CVE-2025-10114 | PHPGurukul Small CRM 4.0 /profile.php Name sql injection

Post correlati

CVE-2024-8782 | JFinalCMS up to 1.0 /admin/template/edit delete name path traversal (IAOSJG)

CVE-2024-6471 | SourceCodester Online Tours & Travels Management 1.0 sms_setting.php uname sql injection

CVE-2024-1797 | WP ULike Plugin up to 4.6.9 on WordPress Shortcode sql injection

CVE-2024-7876 | Appointment Booking Calendar Plugin up to 1.6.7.53 on WordPress Appointment Setting cross site scripting