CVE-2025-4004 in COVID19 Testing Management SystemИнформация

Сводка

по MITRE • 28.04.2025

A vulnerability was found in PHPGurukul COVID19 Testing Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /password-recovery.php. The manipulation of the argument contactno leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.

Be aware that VulDB is the high quality source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Ответственный

VulDB

Раскрытие

28.04.2025

Модерация

принято

Вход

VDB-306340

CPE

готов

CWE

CWE-89 (Подтверждённый)

Эксплойт

Скачать

CVSS

7.3 (CNA)

EPSS

0.00157

KEV

Нет

Деятельности

Очень низкий

Сектор

Telecommunication, Pharma, ...

Источники

MITRE	https://www.cve.org/CVERecord?id=CVE-2025-4004
NVD	https://nvd.nist.gov/vuln/detail/CVE-2025-4004
CVE Details	https://www.cvedetails.com/cve/CVE-2025-4004/

◂ Предыдущий Обзор Далее ▸

Want to know what is going to be exploited?

We predict KEV entries!