VYPR
High severity7.3NVD Advisory· Published Jul 8, 2025· Updated Jun 17, 2026

CVE-2025-7155

CVE-2025-7155

Description

A vulnerability, which was classified as critical, was found in PHPGurukul Online Notes Sharing System 1.0. This affects an unknown part of the file /Dashboard of the component Cookie Handler. The manipulation of the argument sessionid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The original researcher disclosure suspects an XPath Injection vulnerability; however, the provided attack payload appears to be characteristic of an SQL Injection attack.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • cpe:2.3:a:phpgurukul:online_notes_sharing_system:1.0:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:phpgurukul:online_notes_sharing_system:1.0:*:*:*:*:*:*:*
    • (no CPE)range: 1.0

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.