CVE-2025-2381
Published: 17 March 2025
Summary
CVE-2025-2381 is a high-severity Injection (CWE-74) vulnerability in Phpgurukul Curfew E-Pass Management System. Its CVSS base score is 7.3 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 32.5th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 RA-5 (Vulnerability Monitoring and Scanning) and SI-10 (Information Input Validation).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Directly requires validation and sanitization of user inputs like the 'searchdata' parameter to block SQL injection in /admin/search-pass.php.
Mandates identification, reporting, and correction of the specific SQL injection flaw in PHPGurukul Curfew e-Pass Management System 1.0.
Vulnerability scanning detects the unauthenticated remote SQL injection vulnerability (CVSS 7.3) prior to exploitation.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
The unauthenticated SQL injection vulnerability in the public-facing web application /admin/search-pass.php enables initial access via exploitation of a public-facing application (T1190) and facilitates collection of data from databases (T1213.006) through arbitrary SQL query execution.
NVD Description
A vulnerability classified as critical has been found in PHPGurukul Curfew e-Pass Management System 1.0. Affected is an unknown function of the file /admin/search-pass.php. The manipulation of the argument searchdata leads to sql injection. It is possible to launch the…
more
attack remotely. The exploit has been disclosed to the public and may be used.
Deeper analysisAI
CVE-2025-2381 is a critical SQL injection vulnerability (CWE-74, CWE-89) in PHPGurukul Curfew e-Pass Management System 1.0. The flaw resides in an unknown function within the file /admin/search-pass.php, where manipulation of the 'searchdata' argument enables SQL code injection. Published on 2025-03-17, it carries a CVSS v3.1 base score of 7.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L).
An unauthenticated remote attacker can exploit this vulnerability over the network with low complexity and no user interaction required. By crafting malicious input for the 'searchdata' parameter, the attacker can execute arbitrary SQL queries, potentially leading to limited impacts on confidentiality (e.g., data disclosure), integrity (e.g., data modification), and availability (e.g., denial of service).
Advisories from VulDB (ctiid.299880, id.299880, submit.515896) and a GitHub issue (aionman/cve/issues/4) detail the vulnerability, with the vendor site at phpgurukul.com. No specific patches or mitigations are outlined in the provided references.
The exploit has been publicly disclosed and may be used in attacks.
Details
- CWE(s)