CVE-2025-1966
Published: 05 March 2025
Summary
CVE-2025-1966 is a high-severity Injection (CWE-74) vulnerability in Phpgurukul Pre-School Enrollment System. Its CVSS base score is 7.3 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 14.4th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5) (AI)
- SI-10 (Information Input Validation): directly prevents SQL injection by requiring validation and sanitization of untrusted inputs such as the username parameter in /admin/index.php.
- SI-2 (Flaw Remediation): ensures timely patching or code remediation of the specific SQL injection flaw in the Pre-School Enrollment System.
- Boundary protection: web application firewalls can inspect and block malicious SQL injection payloads targeting the vulnerable endpoint.
MITRE ATT&CK Enterprise Techniques (AI)
Why these techniques?
SQL injection in the unauthenticated /admin/index.php endpoint enables exploitation of a public-facing web application (T1190) and unauthorized access to database contents through query manipulation, including blind, time-based and UNION-based attacks (T1213.006).
NVD Description
A vulnerability classified as critical was found in PHPGurukul Pre-School Enrollment System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/index.php. The manipulation of the argument username leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Deeper analysis (AI)
CVE-2025-1966 is a critical SQL injection vulnerability (CWE-74, CWE-89) in PHPGurukul Pre-School Enrollment System 1.0, published on 2025-03-05. The issue affects an unknown functionality within the file /admin/index.php, where manipulation of the username argument enables SQL injection.
Remote attackers can exploit this vulnerability with network access, low attack complexity, no privileges, and no user interaction required (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L, base score 7.3). Exploitation allows limited impacts on confidentiality, integrity, and availability, such as unauthorized data access, modification, or disruption via injected SQL queries.
Advisories referenced in VulDB entries (ctiid.298567, id.298567, submit.512039), a GitHub SECWG issue, and the vendor site phpgurukul.com detail the vulnerability, noting that the exploit has been publicly disclosed and may be used by attackers. No specific patches or mitigations are described in the provided information.
The exploit's public availability increases the risk of real-world use against exposed instances of the software.
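As an added illustration of the SI-10 control and the username-parameter flaw described above (example code written for this page, not PHPGurukul's actual source; the `admin` table, its columns, the `login_*` functions and the connection details are assumptions), the string-concatenated login query that produces this class of bug beside a hardened version using input validation and a prepared statement:

```php
<?php
// Added example, not the PHPGurukul source. Table `admin` with columns
// `id`, `username`, `password_hash` is assumed for illustration.

// BEFORE: the untrusted username is concatenated into the query text, so
// SQL metacharacters in the value change the statement's structure (CWE-89).
function login_vulnerable(PDO $db, string $username, string $password): ?array
{
    $sql = "SELECT id FROM admin WHERE username='$username' AND password='$password'";
    $row = $db->query($sql)->fetch(PDO::FETCH_ASSOC); // input is parsed as SQL
    return $row === false ? null : $row;
}

// AFTER: validate the input shape (SI-10) and bind it as a parameter so the
// database always treats it as data, never as part of the statement.
function login_hardened(PDO $db, string $username, string $password): ?array
{
    // Reject anything outside the expected account-name alphabet up front.
    if (!preg_match('/^[A-Za-z0-9_.-]{1,64}$/', $username)) {
        return null;
    }
    $stmt = $db->prepare('SELECT id, password_hash FROM admin WHERE username = :username');
    $stmt->bindValue(':username', $username, PDO::PARAM_STR);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    // Compare against a stored hash rather than a plaintext password column.
    if ($row === false || !password_verify($password, $row['password_hash'])) {
        return null;
    }
    return ['id' => (int) $row['id']];
}

// Typical wiring in a login handler (DSN and credentials are placeholders).
session_start();
$pdo = new PDO('mysql:host=localhost;dbname=preschool', 'app_user', 'PLACEHOLDER_PASSWORD', [
    PDO::ATTR_ERRMODE          => PDO::ERRMODE_EXCEPTION,
    PDO::ATTR_EMULATE_PREPARES => false, // native server-side prepared statements
]);
if (isset($_POST['login'])) {
    $admin = login_hardened($pdo, (string) ($_POST['username'] ?? ''), (string) ($_POST['password'] ?? ''));
    if ($admin === null) {
        http_response_code(401);
        echo 'Invalid username or password';
    } else {
        session_regenerate_id(true); // avoid session fixation on privilege change
        $_SESSION['admin_id'] = $admin['id'];
    }
}
```

The allow-list regex is a defence-in-depth check; the prepared statement alone is what removes the injection, so the pattern can be relaxed for applications that legitimately accept other characters.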
Details
- CWE(s)