CVE-2025-4174 – PHPGurukul COVID19 Testing Management System SQL Injection Vulnerability

May 1, 2025

CVE ID : CVE-2025-4174

Published : May 1, 2025, 7:15 p.m. | 4 hours, 11 minutes ago

Description : A vulnerability, which was classified as critical, has been found in PHPGurukul COVID19 Testing Management System 1.0. Affected by this issue is some unknown functionality of the file /login.php. The manipulation of the argument Username leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-29763 – Apache HTTP Server Cross-Site Request Forgery

Next Article CVE-2025-3517 – Devolutions Server PAM JIT Privilege Escalation

Highlights

CVE-2025-32455 – Quantenna Wi-Fi Command Injection Vulnerability

June 8, 2025

CVE ID : CVE-2025-32455

Published : June 8, 2025, 9:15 p.m. | 38 minutes ago

Description : The Quantenna Wi-Fi chipset ships with a local control script, router_command.sh (in the run_cmd argument), that is vulnerable to command injection. This is an instance of CWE-88, “Improper Neutralization of Argument Delimiters in a Command (‘Argument Injection’),” and is estimated as a CVSS 7.7 ( CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N) https://www.first.org/cvss/calculator/3-1#CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N) .
This issue affects Quantenna Wi-Fi chipset through version 8.0.0.28 of the latest SDK, and appears to be unpatched at the time of this CVE record’s first publishing, though the vendor has released a best practices guide for implementors of this chipset.

Severity: 7.7 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Upwork Freelancers vs Dedicated React.js Teams: What’s Better for Your Project in 2025?

Is Agile dead in the age of AI?

Top 15 Enterprise Use Cases That Justify Hiring Node.js Developers in 2025

The Core Model: Start FROM The Answer, Not WITH The Solution

Finally, a sleek gaming laptop I can take to the office (without sacrificing power)

These jobs face the highest risk of AI takeover, according to Microsoft

Apple’s tariff costs and iPhone sales are soaring – how long until device prices are too?

5 ways to successfully integrate AI agents into your workplace

Enhancing Laravel Queries with Reusable Scope Patterns

Enhancing Laravel Queries with Reusable Scope Patterns

Everything We Know About Livewire 4

Everything We Know About Livewire 4

YouTube wants to use AI to treat “teens as teens and adults as adults” — with the most age-appropriate experiences and protections

YouTube wants to use AI to treat “teens as teens and adults as adults” — with the most age-appropriate experiences and protections

Sam Altman is afraid of OpenAI’s GPT-5 creation — “The Manhattan Project feels very fast, like there are no adults in the room”

9 new features that arrived on the Windows 11 Insider Program during the second half of July 2025

CVE-2025-4174 – PHPGurukul COVID19 Testing Management System SQL Injection Vulnerability

This month in security with Tony Anscombe – July 2025 edition

WordPress AI Engine Plugin Bug Allows Remote Code Execution – Update Now

Screen is a terminal renderer written in pure PHP

Microsoft Build: GitHub Copilot coding agent, Azure AI Foundry updates, support for MCP, and more

HCL Commerce V9.1 – The Power of the Next.js Ruby Storefront

SymbolEditor is a cross stitch symbol editor

CVE-2025-32455 – Quantenna Wi-Fi Command Injection Vulnerability

CVE-2025-7753 – Code-projects Online Appointment Booking System SQL Injection Vulnerability

CVE-2025-43006 – SAP Supplier Relationship Management XSS Vulnerability

Best Free and Open Source Alternatives to Parallels Desktop

CVE-2025-4174 – PHPGurukul COVID19 Testing Management System SQL Injection Vulnerability

Related Posts