A vulnerability was found in PHPGurukul Small CRM 3.0 and classified as critical. This issue affects some unknown processing of the file /admin/manage-tickets.php. The manipulation of the argument aremark leads to sql injection.

The identification of this vulnerability is CVE-2025-5227. The attack may be initiated remotely. Furthermore, there is an exploit available.

Other parameters might be affected as well.