CVE-2025-13247 | PHPGurukul Tourism Management System 1.0 /admin/user-bookings.php uid sql injection

Inserito da Angelo Barbosa | Nov 15, 2025 | CVE

A vulnerability labeled as critical has been found in PHPGurukul Tourism Management System 1.0. The affected element is an unknown function of the file /admin/user-bookings.php. The manipulation of the argument uid results in sql injection.

This vulnerability is known as CVE-2025-13247. It is possible to launch the attack remotely. Furthermore, an exploit is available.

CVE-2025-13247 | PHPGurukul Tourism Management System 1.0 /admin/user-bookings.php uid sql injection

Post correlati

CVE-2025-53369 | StarCitizenTools mediawiki-extensions-ShortDescription up to 4.0.0 mw.util.addSubtitle cross site scripting

CVE-2023-50712 | dfir-iris iris-web up to 2.3.6 cross site scripting (GHSA-593r-747g-p92p)

CVE-2024-40655 | Google Android 12/12L/13/14 CallScreeningServiceHelper.java bindAndGetCallIdentification permission

CVE-2021-46930 | Linux Kernel up to 5.4.169/5.10.89/5.15/5.15.12 mtu3 list_head use after free