Unrated severityNVD Advisory· Published May 16, 2025· Updated May 16, 2025

PHPGurukul Daily Expense Tracker System user-profile.php sql injection

CVE-2025-4785

Description

A vulnerability was found in PHPGurukul Daily Expense Tracker System 1.1. It has been rated as critical. Affected by this issue is some unknown functionality of the file /user-profile.php. The manipulation of the argument fullname/contactnumber leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Affected products

Phpgurukul/Daily Expense Tracking Systemllm-fuzzy
Range: =1.1
PHPGurukul/Daily Expense Tracker Systemv5
Range: 1.1

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/f1rstb100d/myCVE/issues/10mitreexploitissue-tracking
vuldb.commitrethird-party-advisory
github.com/f1rstb100d/myCVE/issues/9mitreissue-tracking
phpgurukul.commitreproduct
vuldb.commitresignaturepermissions-required
vuldb.commitrevdb-entrytechnical-description

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000