CVE-2025-2658
Published: 23 March 2025
Summary
CVE-2025-2658 is a high-severity Injection (CWE-74) vulnerability in Phpgurukul Online Security Guards Hiring System. Its CVSS base score is 7.3 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 21.9th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
SI-10 requires validation of user inputs such as the searchdata parameter to directly prevent SQL injection attacks in /search-request.php.
SI-2 mandates identification, reporting, and timely remediation of flaws like the SQL injection vulnerability in CVE-2025-2658.
SC-7 enforces boundary protection at external interfaces, enabling web application firewalls to block malicious SQL injection payloads targeting searchdata.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
SQL injection in unauthenticated public-facing web application (/search-request.php) enables exploitation of public-facing application (T1190) and collection of data from backend databases via UNION-based and time-based techniques (T1213.006).
NVD Description
A vulnerability, which was classified as critical, has been found in PHPGurukul Online Security Guards Hiring System 1.0. Affected by this issue is some unknown functionality of the file /search-request.php. The manipulation of the argument searchdata leads to sql injection.…
more
The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Deeper analysisAI
CVE-2025-2658 is a critical SQL injection vulnerability (CWE-74, CWE-89) in PHPGurukul Online Security Guards Hiring System 1.0. The flaw resides in an unknown functionality of the /search-request.php file, where manipulation of the searchdata argument triggers the injection. It carries a CVSS v3.1 base score of 7.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) and was published on 2025-03-23.
Remote attackers require no privileges or user interaction to exploit this issue remotely. By injecting malicious payloads into the searchdata parameter, they can compromise the application's database, potentially extracting sensitive data, modifying records, or disrupting service availability, albeit with low impact levels across confidentiality, integrity, and availability.
Advisories from VulDB (ctiid.300674, id.300674, submit.520250) document the issue, while a public exploit disclosure appears in the GitHub repository zyb26252/CVE/issues/1. The vendor site phpgurukul.com is referenced, though specific patch details are not detailed in available sources. The exploit has been publicly disclosed and may be used.
Details
- CWE(s)