CVE-2025-2676
Published: 24 March 2025
Summary
CVE-2025-2676 is a high-severity Injection (CWE-74) vulnerability in Phpgurukul Bank Locker Management System. Its CVSS base score is 7.3 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 18.4th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
SI-10 directly prevents SQL injection by requiring validation and sanitization of inputs like the sadminusername parameter in /add-subadmin.php.
SI-2 ensures timely remediation of the SQL injection flaw in the Bank Locker Management System to eliminate the vulnerability.
RA-5 uses vulnerability scanning to identify SQL injection vulnerabilities like CVE-2025-2676 in web applications.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
SQL injection in unauthenticated web endpoint (/add-subadmin.php) directly enables remote exploitation of a public-facing application.
NVD Description
A vulnerability, which was classified as critical, was found in PHPGurukul Bank Locker Management System 1.0. This affects an unknown part of the file /add-subadmin.php. The manipulation of the argument sadminusername leads to sql injection. It is possible to initiate…
more
the attack remotely. The exploit has been disclosed to the public and may be used.
Deeper analysisAI
CVE-2025-2676 is a critical SQL injection vulnerability (CWE-74, CWE-89) in PHPGurukul Bank Locker Management System 1.0. The issue resides in an unknown part of the file /add-subadmin.php, where manipulation of the sadminusername argument triggers the injection. It was published on 2025-03-24 and carries a CVSS v3.1 base score of 7.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L).
Remote attackers require no privileges or user interaction to exploit this vulnerability over the network with low attack complexity. Successful exploitation enables limited impacts on confidentiality, integrity, and availability, potentially allowing unauthorized SQL query execution depending on the database backend.
Advisories and further details, including submission records, are documented in references such as https://github.com/ARPANET-cyber/CVE/issues/5, https://vuldb.com/?ctiid.300693, https://vuldb.com/?id.300693, https://vuldb.com/?submit.521443, and the vendor site https://phpgurukul.com/. No specific patch details are outlined in the core description.
The exploit has been publicly disclosed and may be used by attackers.
Details
- CWE(s)