CVE-2025-25388
Published: 13 February 2025
Summary
CVE-2025-25388 is a critical-severity SQL Injection (CWE-89) vulnerability in Phpgurukul Land Record System. Its CVSS base score is 9.8 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE is ranked in the top 15.6% of CVEs by exploit likelihood, is not currently listed in the CISA KEV catalog, and has a public proof-of-concept referenced.
The strongest mitigations our analysis identified are NIST 800-53 RA-5 (Vulnerability Monitoring and Scanning) and SI-10 (Information Input Validation).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
Directly mandates validation of untrusted inputs like the editid GET parameter to block SQL injection payloads before they reach the database.
Requires timely remediation of identified flaws, such as patching the SQL injection vulnerability in /admin/edit-propertytype.php.
Implements vulnerability scanning that detects SQL injection issues like CVE-2025-25388 in web applications and drives their remediation.
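The input-validation control above, sketched as an added example (not code from PHPGurukul Land Record System or from the referenced writeup): editid is accepted only as a positive integer and is then passed to the database as a bound parameter. The table and column names, the sample values and the in-memory SQLite database are assumptions made so the script runs stand-alone.

```php
<?php
declare(strict_types=1);

// Added illustration, not code from PHPGurukul Land Record System.
// Table/column names and the in-memory SQLite database are assumptions.

/** Accept editid only when it is a plain positive integer; otherwise null. */
function parse_editid(mixed $raw): ?int
{
    if (!is_string($raw)) {
        return null; // missing, or array-valued such as ?editid[]=1
    }
    $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    return $id === false ? null : $id;
}

/** Look up one row with a bound parameter, so the value is never parsed as SQL. */
function load_property_type(PDO $db, int $id): ?array
{
    $stmt = $db->prepare('SELECT id, name FROM property_type WHERE id = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Constructed sample data standing in for the application's database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE property_type (id INTEGER PRIMARY KEY, name TEXT)');
$db->exec("INSERT INTO property_type (id, name) VALUES (1, 'Residential'), (2, 'Commercial')");

// Constructed editid values as they would arrive in $_GET['editid'].
$samples = ['2', '1 OR 1=1', '', ['1'], '-5', '99'];
foreach ($samples as $raw) {
    $id = parse_editid($raw);
    if ($id === null) {
        $result = 'rejected (HTTP 400)';
    } else {
        $row = load_property_type($db, $id);
        $result = $row === null ? 'not found (HTTP 404)' : 'found: ' . $row['name'];
    }
    echo json_encode($raw), ' => ', $result, PHP_EOL;
}
```

Validation and binding are independent layers: the bound parameter alone keeps the value out of the SQL text, and the integer check rejects malformed requests before any query is issued.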
MITRE ATT&CK Enterprise Techniques
Why these techniques?
SQL injection vulnerability in public-facing web application (/admin/edit-propertytype.php) enables remote attackers to execute arbitrary code via editid parameter, directly facilitating exploitation of public-facing applications.
NVD Description
A SQL Injection vulnerability was found in /admin/edit-propertytype.php in PHPGurukul Land Record System v1.0, which allows remote attackers to execute arbitrary code via the editid GET request parameter.
Deeper analysis
CVE-2025-25388, published on 2025-02-13, is a SQL injection vulnerability (CWE-89) affecting the /admin/edit-propertytype.php component in PHPGurukul Land Record System version 1.0. The issue arises from improper handling of the editid GET request parameter, enabling remote attackers to inject malicious SQL payloads. It carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), indicating critical severity due to its network accessibility, low attack complexity, and lack of prerequisites.
Unauthenticated remote attackers can exploit this vulnerability by sending crafted requests to the affected endpoint. Successful exploitation allows execution of arbitrary code, with high impact on the confidentiality, integrity, and availability of the system, such as data exfiltration, alteration, or denial of service.
A detailed writeup of the vulnerability is available at https://github.com/Santoshcyber1/CVE-wirteup/blob/main/Phpgurukul/Land%20record/SQL%20Injection%20p%20editid.pdf, which may provide further technical insights, though no specific patches or official mitigation guidance from the vendor are detailed in the provided references.
Details
- CWE(s)