Cyber Resilience

CVE-2025-69991

CriticalPublic PoC

Published: 13 January 2026

Published
13 January 2026
Modified
16 January 2026
KEV Added
Patch
CVSS Score v3.1 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0039 31.0th percentile
Risk Priority 70 floored blend · peak EPSS

Summary

CVE-2025-69991 is a critical-severity SQL Injection (CWE-89) vulnerability in Phpgurukul News Portal. Its CVSS base score is 9.8 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 31.0th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2025-69991 is a SQL injection vulnerability (CWE-89) in the phpgurukul News Portal Project version 4.1, specifically within the check_availablity.php component. Published on 2026-01-13, it carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), marking it as critical due to its potential for severe impact.

The vulnerability enables exploitation by unauthenticated attackers over the network with low attack complexity and no requirement for user interaction. Successful attacks can result in high confidentiality, integrity, and availability impacts, allowing attackers to extract sensitive data, modify database contents, or disrupt service availability.

Mitigation guidance is available in the referenced advisory at https://github.com/Y4y17/CVE/blob/main/News%20Portal%20Project/SQL%20Injection.md.

OWASP Top 10 for Web (2025)

EU & UK References

Vulnerability details

phpgurukul News Portal Project V4.1 is vulnerable to SQL Injection in check_availablity.php.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

SQL injection in public-facing web app (check_availablity.php) directly enables unauthenticated remote exploitation with full DB impact, matching T1190.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2025-1859Same product: Phpgurukul News Portal
CVE-2025-69992Same product: Phpgurukul News Portal
CVE-2026-1141Same product: Phpgurukul News Portal
CVE-2025-69990Same product: Phpgurukul News Portal
CVE-2026-1424Same product: Phpgurukul News Portal
CVE-2025-25357Same vendor: Phpgurukul
CVE-2025-25354Same vendor: Phpgurukul
CVE-2025-25352Same vendor: Phpgurukul
CVE-2025-26156Same vendor: Phpgurukul
CVE-2025-25388Same vendor: Phpgurukul

Affected Assets

phpgurukul
news portal
4.1

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly prevents SQL injection in check_availablity.php by requiring validation of user inputs before they are used in database queries.

prevent

Mandates identification, reporting, and correction of the specific SQL injection flaw in phpgurukul News Portal Project V4.1.

preventdetect

Boundary protection with web application firewalls monitors and blocks SQL injection payloads at network interfaces to the vulnerable endpoint.

References