CVE-2025-4154 – PHPGurukul Pre-School Enrollment System SQL Injection Vulnerability

May 1, 2025

CVE ID : CVE-2025-4154

Published : May 1, 2025, 7:15 a.m. | 55 minutes ago

Description : A vulnerability, which was classified as critical, has been found in PHPGurukul Pre-School Enrollment System 1.0. Affected by this issue is some unknown functionality of the file /admin/enrollment-details.php. The manipulation of the argument Status leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleRilasciata AnduinOS 1.3: La distribuzione GNU/Linux che porta l’esperienza di Windows 11 su Ubuntu 25.04

Next Article CVE-2025-4100 – Nautic Pages WordPress Stored Cross-Site Scripting

Highlights

CVE-2025-4839 – Itwanger Paicoding Cross-Domain Policy Vulnerability

May 17, 2025

CVE ID : CVE-2025-4839

Published : May 17, 2025, 10:15 p.m. | 2 hours, 31 minutes ago

Description : A vulnerability has been found in itwanger paicoding 1.0.0/1.0.1/1.0.2/1.0.3 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /paicoding-core/src/main/java/com/github/paicoding/forum/core/util/CrossUtil.java. The manipulation leads to permissive cross-domain policy with untrusted domains. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used.

Severity: 3.1 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

How To Prevent WordPress SQL Injection Attacks

This week in AI dev tools: Apple’s Foundations Model framework, Mistral’s first reasoning model, and more (June 13, 2025)

Open Talent platforms emerging to match skilled workers to needs, study finds

Java never goes out of style: Celebrating 30 years of the language

DistroWatch Weekly, Issue 1126

It’s the year of Linux… at least for Denmark — here’s why the country’s government is dumping Windows and Office 365

Grounded 2’s best feature is happening because Obsidian left the Xbox One behind

6 registry tweaks every tech-savvy user must apply on Windows 11

Right Invoicing App for iPhone: InvoiceTemple

Right Invoicing App for iPhone: InvoiceTemple

Tunnel Run game in 170 lines of pure JS

Integrating Drupal with Salesforce SSO via SAML and Dynamic User Sync

Microsoft has a new tool to get you off Windows 10 and onto a Windows 11 PC

Microsoft has a new tool to get you off Windows 10 and onto a Windows 11 PC

DistroWatch Weekly, Issue 1126

Find ASCII Emoji Easily with this GNOME Shell Applet

CVE-2025-4154 – PHPGurukul Pre-School Enrollment System SQL Injection Vulnerability

Critical Blink Router Flaws (CVSS 9.8) Allow Remote Root Code Execution via Unauthenticated Attacks

KIA Ecuador Keyless Entry Systems Vulnerability Exposes Thousands of Vehicles to Theft

CVE-2025-5068 – Google Chrome Blink Use-After-Free Vulnerability

National University of Singapore Researchers Introduce Dimple: A Discrete Diffusion Multimodal Language Model for Efficient and Controllable Text Generation

GitLab Duo Vulnerability Enabled Attackers to Hijack AI Responses with Hidden Prompts

Securing CI/CD workflows with Wazuh

CVE-2025-4839 – Itwanger Paicoding Cross-Domain Policy Vulnerability

Amazon Gaming Week is LIVE — 7 hand-picked deals with price-busting competitors that you can’t miss!

GitHub Universe 2025: Here’s what’s in store at this year’s developer wonderland

Your Apple TV is getting 5 useful features for free – including a big one for karaoke fans

CVE-2025-4154 – PHPGurukul Pre-School Enrollment System SQL Injection Vulnerability

Related Posts