CVE-2025-69991

CriticalPublic PoC

Published: 13 January 2026

Published

13 January 2026

Modified

16 January 2026

KEV Added

—

Patch

—

CVSS Score 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score 0.0005 15.3th percentile

Risk Priority 20 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-69991 is a critical-severity SQL Injection (CWE-89) vulnerability in Phpgurukul News Portal. Its CVSS base score is 9.8 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 15.3th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploit Public-Facing Application (T1190). What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-10 Information Input Validation good match

prevent

Directly prevents SQL injection in check_availablity.php by requiring validation of user inputs before they are used in database queries.

SI-2 Flaw Remediation good match

prevent

Mandates identification, reporting, and correction of the specific SQL injection flaw in phpgurukul News Portal Project V4.1.

SC-7 Boundary Protection partial match

preventdetect

Boundary protection with web application firewalls monitors and blocks SQL injection payloads at network interfaces to the vulnerable endpoint.

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access

Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

attack.mitre.org →

Why these techniques?

SQL injection in public-facing web app (check_availablity.php) directly enables unauthenticated remote exploitation with full DB impact, matching T1190.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

NVD Description

phpgurukul News Portal Project V4.1 is vulnerable to SQL Injection in check_availablity.php.

Deeper analysisAI

CVE-2025-69991 is a SQL injection vulnerability (CWE-89) in the phpgurukul News Portal Project version 4.1, specifically within the check_availablity.php component. Published on 2026-01-13, it carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), marking it as critical due to its potential for severe impact.

The vulnerability enables exploitation by unauthenticated attackers over the network with low attack complexity and no requirement for user interaction. Successful attacks can result in high confidentiality, integrity, and availability impacts, allowing attackers to extract sensitive data, modify database contents, or disrupt service availability.

Mitigation guidance is available in the referenced advisory at https://github.com/Y4y17/CVE/blob/main/News%20Portal%20Project/SQL%20Injection.md.

Details

CWE(s): CWE-89

Affected Products

phpgurukul

news portal

4.1

CVEs Like This One

CVE-2025-1859Same product: Phpgurukul News Portal

CVE-2025-69992Same product: Phpgurukul News Portal

CVE-2026-1141Same product: Phpgurukul News Portal

CVE-2025-69990Same product: Phpgurukul News Portal

CVE-2026-1424Same product: Phpgurukul News Portal

CVE-2025-70892Same vendor: Phpgurukul

CVE-2025-25354Same vendor: Phpgurukul

CVE-2025-25352Same vendor: Phpgurukul

CVE-2025-25387Same vendor: Phpgurukul

CVE-2025-25388Same vendor: Phpgurukul

References

https://github.com/Y4y17/CVE/blob/main/News%20Portal%20Project/SQL%20Injection.md
Exploit, Third Party Advisory · cve@mitre.org