CVE-2025-6321 - PHPGurukul Pre-School Enrollment System SQL Injection Vulnerability

CVE ID : CVE-2025-6321

Published : June 20, 2025, 9:15 a.m. | 1 hour, 27 minutes ago

Description : A vulnerability has been found in PHPGurukul Pre-School Enrollment System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/add-subadmin.php. The manipulation of the argument sadminusername leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

CVE-2023-53135 – Riscv Linux Kernel Stack Out-of-Bounds Vulnerability

May 2, 2025

CVE ID : CVE-2023-53135

Published : May 2, 2025, 4:15 p.m. | 34 minutes ago

Description : In the Linux kernel, the following vulnerability has been resolved:

riscv: Use READ_ONCE_NOCHECK in imprecise unwinding stack mode

When CONFIG_FRAME_POINTER is unset, the stack unwinding function
walk_stackframe randomly reads the stack and then, when KASAN is enabled,
it can lead to the following backtrace:

[ 0.000000] ==================================================================
[ 0.000000] BUG: KASAN: stack-out-of-bounds in walk_stackframe+0xa6/0x11a
[ 0.000000] Read of size 8 at addr ffffffff81807c40 by task swapper/0
[ 0.000000]
[ 0.000000] CPU: 0 PID: 0 Comm: swapper Not tainted 6.2.0-12919-g24203e6db61f #43
[ 0.000000] Hardware name: riscv-virtio,qemu (DT)
[ 0.000000] Call Trace:
[ 0.000000] [] walk_stackframe+0x0/0x11a
[ 0.000000] [] init_param_lock+0x26/0x2a
[ 0.000000] [] walk_stackframe+0xa2/0x11a
[ 0.000000] [] dump_stack_lvl+0x22/0x36
[ 0.000000] [] print_report+0x198/0x4a8
[ 0.000000] [] init_param_lock+0x26/0x2a
[ 0.000000] [] walk_stackframe+0xa2/0x11a
[ 0.000000] [] kasan_report+0x9a/0xc8
[ 0.000000] [] walk_stackframe+0xa2/0x11a
[ 0.000000] [] walk_stackframe+0xa2/0x11a
[ 0.000000] [] desc_make_final+0x80/0x84
[ 0.000000] [] stack_trace_save+0x88/0xa6
[ 0.000000] [] filter_irq_stacks+0x72/0x76
[ 0.000000] [] devkmsg_read+0x32a/0x32e
[ 0.000000] [] kasan_save_stack+0x28/0x52
[ 0.000000] [] desc_make_final+0x7c/0x84
[ 0.000000] [] stack_trace_save+0x84/0xa6
[ 0.000000] [] kasan_set_track+0x12/0x20
[ 0.000000] [] __kasan_slab_alloc+0x58/0x5e
[ 0.000000] [] __kmem_cache_create+0x21e/0x39a
[ 0.000000] [] create_boot_cache+0x70/0x9c
[ 0.000000] [] kmem_cache_init+0x6c/0x11e
[ 0.000000] [] mm_init+0xd8/0xfe
[ 0.000000] [] start_kernel+0x190/0x3ca
[ 0.000000]
[ 0.000000] The buggy address belongs to stack of task swapper/0
[ 0.000000] and is located at offset 0 in frame:
[ 0.000000] stack_trace_save+0x0/0xa6
[ 0.000000]
[ 0.000000] This frame has 1 object:
[ 0.000000] [32, 56) ‘c’
[ 0.000000]
[ 0.000000] The buggy address belongs to the physical page:
[ 0.000000] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x81a07
[ 0.000000] flags: 0x1000(reserved|zone=0)
[ 0.000000] raw: 0000000000001000 ff600003f1e3d150 ff600003f1e3d150 0000000000000000
[ 0.000000] raw: 0000000000000000 0000000000000000 00000001ffffffff
[ 0.000000] page dumped because: kasan: bad access detected
[ 0.000000]
[ 0.000000] Memory state around the buggy address:
[ 0.000000] ffffffff81807b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 0.000000] ffffffff81807b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 0.000000] >ffffffff81807c00: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 00 f3
[ 0.000000] ^
[ 0.000000] ffffffff81807c80: f3 f3 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00
[ 0.000000] ffffffff81807d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 0.000000] ==================================================================

Fix that by using READ_ONCE_NOCHECK when reading the stack in imprecise
mode.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Error’d: You Talkin’ to Me?

The Psychology Of Trust In AI: A Guide To Measuring And Designing For User Confidence

This week in AI updates: OpenAI Codex updates, Claude integration in Xcode 26, and more (September 19, 2025)

Report: The major factors driving employee disengagement in 2025

DistroWatch Weekly, Issue 1140

Distribution Release: DietPi 9.17

Development Release: Zorin OS 18 Beta

Distribution Release: IPFire 2.29 Core 197

@ts-ignore is almost always the worst option

@ts-ignore is almost always the worst option

MutativeJS v1.3.0 is out with massive performance gains

Student Performance Prediction System using Python Machine Learning (ML)

DistroWatch Weekly, Issue 1140

DistroWatch Weekly, Issue 1140

Distribution Release: DietPi 9.17

Hyprland Made Easy: Preconfigured Beautiful Distros

CVE-2025-6321 – PHPGurukul Pre-School Enrollment System SQL Injection Vulnerability

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

CVE-2025-6218: WinRAR Directory Traversal Bug Opens the Door to Remote Code Execution

CVE-2025-52557 – Mail-0’s Zero JavaScript Injection Vulnerability

CVE-2025-3746 – WordPress One Tap Signin Plugin Authentication Bypass

Ubuntu MATE 25.04 Release Notes

CVE-2023-53135 – Riscv Linux Kernel Stack Out-of-Bounds Vulnerability

Perficient Earns AWS Premier Tier Services Partner Status and Elevates AI Innovation in the Cloud

Neobrutalism CSS Button Generator

CVE-2025-49717 – Microsoft SQL Server Heap Buffer Overflow Vulnerability

CVE-2025-6321 – PHPGurukul Pre-School Enrollment System SQL Injection Vulnerability

Related Posts