CVE-2025-4908 – PHPGurukul Daily Expense Tracker System SQL Injection Vulnerability

May 19, 2025

CVE ID : CVE-2025-4908

Published : May 19, 2025, 3:15 a.m. | 1 hour, 13 minutes ago

Description : A vulnerability classified as critical has been found in PHPGurukul Daily Expense Tracker System 1.1. This affects an unknown part of the file /expense-datewise-reports-detailed.php. The manipulation of the argument fromdate/todate leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-4901 – D-Link DI-7003GV2 HTTP Endpoint Information Disclosure Vulnerability

Next Article CVE-2025-4907 – PHPGurukul Daily Expense Tracker System SQL Injection Vulnerability

Mirantis reveals Lens Prism, an AI copilot for operating Kubernetes clusters

Avoid these common platform engineering mistakes

Full-Stack Techies vs Toptal: Which Is Better for React.js Outsourcing?

The AI productivity paradox in software engineering: Balancing efficiency and human skill retention

Microsoft Gaming studios head Matt Booty says “overall portfolio strategy is unchanged” — with more than 40 games in production

Capcom reports that its Steam game sales have risen massively — despite flagship titles like Monster Hunter Wilds receiving profuse backlash from PC players

Cloudflare is fighting to safeguard “the future of the web itself” — standing directly in the way of leading AI firms

Microsoft reportedly lacks the know-how to fully leverage OpenAI’s tech — despite holding IP rights

PHP 8.5.0 Alpha 1 available for testing

PHP 8.5.0 Alpha 1 available for testing

Recording cross browser compatible media

Celebrating Perficient’s Third Databricks Champion

Microsoft Gaming studios head Matt Booty says “overall portfolio strategy is unchanged” — with more than 40 games in production

Microsoft Gaming studios head Matt Booty says “overall portfolio strategy is unchanged” — with more than 40 games in production

Capcom reports that its Steam game sales have risen massively — despite flagship titles like Monster Hunter Wilds receiving profuse backlash from PC players

Cloudflare is fighting to safeguard “the future of the web itself” — standing directly in the way of leading AI firms

CVE-2025-4908 – PHPGurukul Daily Expense Tracker System SQL Injection Vulnerability

CVE-2025-5372 – OpenSSL SSH Key Derivation Buffer Initialization Vulnerability

CVE-2025-6944 – Uncode Core WordPress Stored Cross-Site Scripting

Clair Obscur: Expedition 33 is a masterpiece, but I totally skipped parts of it (and I won’t apologize)

CVE-2025-49297 – Mikado-Themes Grill and Chow PHP Local File Inclusion Vulnerability

Xbox dominates April 2025 sales charts in the US as Oblivion Remastered sells far faster than the original game

8BitDo’s translucent green keyboard is an “ode to the OG Xbox” — Now at its lowest-ever price for an Amazon-adjacent deal

Critical CVSS 9.6: IBM QRadar & Cloud Pak Security Flaws Exposed

OpenAI Expresses Interest in Acquiring Chrome Amidst Google Antitrust Scrutiny

CVE-2025-5565 – WordPress Hide It Stored Cross-Site Scripting Vulnerability

How cron and Task Scheduler work in Laravel

CVE-2025-4908 – PHPGurukul Daily Expense Tracker System SQL Injection Vulnerability

Related Posts