Cyber Resilience

CVE-2025-70892

CriticalPublic PoC

Published: 15 January 2026

Published
15 January 2026
Modified
22 January 2026
KEV Added
Patch
CVSS Score v3.1 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0041 33.0th percentile
Risk Priority 70 floored blend · peak EPSS

Summary

CVE-2025-70892 is a critical-severity SQL Injection (CWE-89) vulnerability in Phpgurukul Cyber Cafe Management System. Its CVSS base score is 9.8 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 33.0th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2025-70892 is a SQL injection vulnerability (CWE-89) affecting Phpgurukul Cyber Cafe Management System version 1.0. The flaw resides in the user management module, where the application fails to properly validate user-supplied input in the username parameter of the add-users.php endpoint. Published on 2026-01-15, it carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), indicating critical severity due to its high impacts on confidentiality, integrity, and availability.

The vulnerability can be exploited by unauthenticated attackers over the network with low complexity and no user interaction required. Successful exploitation allows arbitrary SQL query execution, potentially enabling attackers to extract sensitive data from the database, modify user records, or disrupt system availability through denial-of-service actions.

Advisories and further details are available in the referenced GitHub repository at https://github.com/efekaanakkar/Cyber-Cafe-Management-System-CVEs/tree/main/CVE-2025-70892, which documents the CVE, and the official project page at https://phpgurukul.com/cyber-cafe-management-system-using-php-mysql/. No specific patches or mitigations are detailed in the provided information.

OWASP Top 10 for Web (2025)

EU & UK References

Vulnerability details

Phpgurukul Cyber Cafe Management System v1.0 contains a SQL Injection vulnerability in the user management module. The application fails to properly validate user-supplied input in the username parameter of the add-users.php endpoint.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

Direct unauthenticated SQL injection in a public-facing web application (add-users.php) enables remote exploitation for data access/modification/DoS.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2025-7164Same product: Phpgurukul Cyber Cafe Management System
CVE-2025-70893Same product: Phpgurukul Cyber Cafe Management System
CVE-2025-7165Same product: Phpgurukul Cyber Cafe Management System
CVE-2025-25357Same vendor: Phpgurukul
CVE-2025-25354Same vendor: Phpgurukul
CVE-2025-25352Same vendor: Phpgurukul
CVE-2025-26156Same vendor: Phpgurukul
CVE-2025-25388Same vendor: Phpgurukul
CVE-2025-25387Same vendor: Phpgurukul
CVE-2025-69991Same vendor: Phpgurukul

Affected Assets

phpgurukul
cyber cafe management system
1.0

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Mandates validation of user-supplied inputs at database query points, directly preventing SQL injection exploitation via the unvalidated username parameter in add-users.php.

prevent

Requires timely identification, reporting, and remediation of flaws like this SQL injection vulnerability to eliminate the risk of arbitrary SQL execution.

detect

Provides vulnerability scanning to identify SQL injection flaws in web applications like the user management module, enabling proactive remediation.

References