Cyber Posture

CVE-2025-25352

HighPublic PoC

Published: 13 February 2025

Published
13 February 2025
Modified
14 February 2025
KEV Added
Patch
CVSS Score 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0197 83.7th percentile
Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-25352 is a high-severity SQL Injection (CWE-89) vulnerability in Phpgurukul Land Record System. Its CVSS base score is 7.2 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 16.3% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploit Public-Facing Application (T1190). What defenders deploy: see the NIST 800-53 controls recommended below.
Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-10 Information Input Validation good match
prevent

SI-10 directly prevents SQL injection by enforcing input validation on parameters like pagetitle in /admin/aboutus.php.

SI-2 Flaw Remediation good match
prevent

SI-2 remediates the specific SQL injection flaw in PHPGurukul Land Record System v1.0 by identifying and correcting the vulnerable code.

RA-5 Vulnerability Monitoring and Scanning partial match
detect

RA-5 detects the SQL injection vulnerability through vulnerability scanning tools that identify injectable parameters like pagetitle.

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
attack.mitre.org →
Why these techniques?

SQL Injection vulnerability in public-facing web application (/admin/aboutus.php) allows remote arbitrary code execution, enabling exploitation of public-facing applications.

NVD Description

A SQL Injection vulnerability was found in /admin/aboutus.php in PHPGurukul Land Record System v1.0, which allows remote attackers to execute arbitrary code via the pagetitle POST request parameter.

Deeper analysisAI

CVE-2025-25352 is a SQL injection vulnerability (CWE-89) in the /admin/aboutus.php component of PHPGurukul Land Record System version 1.0. The flaw allows remote attackers to execute arbitrary code by injecting malicious input into the pagetitle POST request parameter. Published on 2025-02-13, it carries a CVSS v3.1 base score of 7.2 (AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).

Attackers with high privileges, such as administrative access, can exploit this vulnerability remotely over the network with low complexity and no user interaction required. Successful exploitation enables arbitrary code execution, leading to high impacts on confidentiality, integrity, and availability within the application's scope.

References point to GitHub writeups documenting the SQL injection issue in the Land Record System's aboutus.php file, but no specific advisories or patches are detailed in the provided information.

Details

CWE(s)
CWE-89

Affected Products

phpgurukul
land record system
1.0

CVEs Like This One

CVE-2025-25354Same product: Phpgurukul Land Record System
CVE-2025-25387Same product: Phpgurukul Land Record System
CVE-2025-25388Same product: Phpgurukul Land Record System
CVE-2025-25357Same product: Phpgurukul Land Record System
CVE-2025-25389Same product: Phpgurukul Land Record System
CVE-2025-25356Same product: Phpgurukul Land Record System
CVE-2025-25355Same product: Phpgurukul Land Record System
CVE-2024-57687Same product: Phpgurukul Land Record System
CVE-2024-57686Same product: Phpgurukul Land Record System
CVE-2025-70892Same vendor: Phpgurukul

References