CVE-2025-2644
Published: 23 March 2025
Summary
CVE-2025-2644 is a high-severity Injection (CWE-74) vulnerability in Phpgurukul Art Gallery Management System. Its CVSS base score is 7.3 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 21.9th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Directly mitigates SQL injection by requiring validation and sanitization of the untrusted 'arttype' input in /admin/add-art-product.php.
Addresses the root cause by identifying, reporting, and correcting the SQL injection flaw in PHPGurukul Art Gallery Management System 1.0.
Enables scanning to identify deployed instances vulnerable to this SQL injection (CVE-2025-2644) for prioritization and remediation.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
SQL injection in unauthenticated public-facing web app directly enables T1190 for initial access; allows arbitrary DB queries facilitating T1213.006 for data collection/exfiltration.
NVD Description
A vulnerability was found in PHPGurukul Art Gallery Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/add-art-product.php. The manipulation of the argument arttype leads to sql injection. The attack may be initiated…
more
remotely. The exploit has been disclosed to the public and may be used.
Deeper analysisAI
CVE-2025-2644 is a critical SQL injection vulnerability in PHPGurukul Art Gallery Management System version 1.0. The flaw resides in the processing of the /admin/add-art-product.php file, where manipulation of the 'arttype' argument enables SQL injection. It is associated with CWE-74 (Improper Neutralization of Special Elements used in an SQL Command) and CWE-89 (SQL Injection), carrying a CVSS v3.1 base score of 7.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L).
Unauthenticated remote attackers can exploit this vulnerability over the network with low complexity and no user interaction required. Successful exploitation allows limited impacts on confidentiality, integrity, and availability, potentially enabling data exfiltration, modification, or disruption through injected SQL queries.
Advisories and details are documented in references including VulDB entries (vuldb.com/?ctiid.300659, vuldb.com/?id.300659, vuldb.com/?submit.519773), a GitHub issue (github.com/liuhao2638/cve/issues/7), and the vendor site (phpgurukul.com/). The exploit has been publicly disclosed and may be actively used by attackers.
Security practitioners should prioritize scanning for exposed instances of PHPGurukul Art Gallery Management System 1.0 and apply any available updates, while implementing input validation and prepared statements as interim defenses against SQL injection.
Details
- CWE(s)