CVE-2025-1588
Published: 23 February 2025
Summary
CVE-2025-1588 is a medium-severity Relative Path Traversal (CWE-23) vulnerability in PHPGurukul Online Nurse Hiring System. Its CVSS base score is 6.5 (Medium).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks at the 32.9th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
Directly prevents path traversal exploitation by requiring validation of the profilepic input parameter to block '../' sequences and ensure only expected file paths are processed.
Requires timely identification, reporting, and remediation of the specific path traversal flaw in /admin/manage-nurse.php to eliminate the vulnerability.
Enforces access control policies to restrict unauthorized file read/write operations even if path traversal bypasses initial input handling.
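One way to apply the input-validation control to the profilepic value, as an added example (not code from PHPGurukul or from the advisories cited on this page). The helper name safeProfilePicPath, the extension allowlist and the upload directory are assumptions; the sample inputs are constructed.

```php
<?php
// Added example: hypothetical helper, not the code of /admin/manage-nurse.php.
declare(strict_types=1);

const ALLOWED_EXT = ['jpg', 'jpeg', 'png', 'gif'];   // assumed allowlist

// Returns an absolute destination inside $baseDir, or throws on a bad name.
function safeProfilePicPath(string $clientName, string $baseDir): string
{
    // Reject empty names, NUL bytes, either path separator, and '..' sequences.
    if ($clientName === '' || preg_match('/[\x00\/\\\\]|\.\./', $clientName) === 1) {
        throw new InvalidArgumentException('separator or traversal sequence in file name');
    }
    // Only image extensions are accepted, so a script cannot be written as a "picture".
    $ext = strtolower(pathinfo($clientName, PATHINFO_EXTENSION));
    if (!in_array($ext, ALLOWED_EXT, true)) {
        throw new InvalidArgumentException('extension not allowed');
    }
    $root = realpath($baseDir);
    if ($root === false || !is_dir($root)) {
        throw new RuntimeException('upload directory missing');
    }
    // Server-generated name: only the checked extension comes from the client.
    $dest = $root . DIRECTORY_SEPARATOR . bin2hex(random_bytes(16)) . '.' . $ext;
    // Defense in depth: the final path must sit directly in the upload root.
    if (dirname($dest) !== $root) {
        throw new RuntimeException('destination escaped upload directory');
    }
    return $dest;
}

// Constructed inputs; '../filedir' is the pattern quoted in the NVD description.
// In a real handler the result would be the target of move_uploaded_file().
$uploadDir = sys_get_temp_dir();   // stand-in for the application's image directory
foreach (['nurse01.png', '../filedir', '..\\..\\x.jpg', 'shell.php', 'photo.PNG'] as $name) {
    try {
        $path = safeProfilePicPath($name, $uploadDir);
        echo "accepted {$name} -> " . basename($path) . PHP_EOL;
    } catch (Exception $e) {
        echo "rejected {$name}: " . $e->getMessage() . PHP_EOL;
    }
}
```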
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Path traversal in the web application's profile picture handling directly enables remote exploitation of a public-facing application (T1190) and facilitates web shell deployment via arbitrary file write (T1505.003).
NVD Description
A vulnerability has been found in PHPGurukul Online Nurse Hiring System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/manage-nurse.php. The manipulation of the argument profilepic leads to path traversal: '../filedir'. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The initial researcher advisory mentions contradicting vulnerability classes.
Deeper analysis
CVE-2025-1588 is a path traversal vulnerability classified as critical in PHPGurukul Online Nurse Hiring System 1.0. It affects unknown code within the file /admin/manage-nurse.php, where manipulation of the profilepic argument enables traversal sequences such as '../filedir'. The issue, associated with CWE-22, CWE-23, and CWE-24, was published on 2025-02-23 and carries a CVSS v3.1 base score of 6.5.
Remote attackers can exploit this vulnerability without authentication, privileges, or user interaction, requiring only low attack complexity over the network. Exploitation allows limited impacts to integrity (I:L) and availability (A:L), with no confidentiality loss, potentially enabling unauthorized file operations outside the intended directory via the manipulated profilepic parameter.
Advisories from VulDB (ctiid.296572, id.296572, submit.505441) and a GitHub issue (wqywfvc/CVE/issues/16) detail the vulnerability, noting public disclosure of the exploit which may be used by attackers. The vendor site phpgurukul.com is referenced, though specific mitigation or patch details are not outlined in these initial reports; the researcher advisory mentions contradicting vulnerability classes.
Details
- CWE(s)