CVE-2025-4163: PHPGurukul Land Record System aboutus.php sql injection
First published: Thu May 01 2025(Updated: )
A vulnerability, which was classified as critical, has been found in PHPGurukul Land Record System 1.0. This issue affects some unknown processing of the file /admin/aboutus.php. The manipulation of the argument pagetitle leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
Credit: cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| PHPGurukul Land Record System |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2025-4163?
CVE-2025-4163 is classified as a critical vulnerability.
What type of vulnerability is CVE-2025-4163?
CVE-2025-4163 is a SQL injection vulnerability.
How does CVE-2025-4163 affect the PHPGurukul Land Record System?
CVE-2025-4163 allows attackers to manipulate the pagetitle argument in /admin/aboutus.php to execute SQL queries.
Is CVE-2025-4163 exploitable remotely?
Yes, CVE-2025-4163 can be exploited remotely.
How can I fix the vulnerability identified as CVE-2025-4163?
To fix CVE-2025-4163, validate and sanitize user inputs to prevent SQL injection.
- collector/mitre-cve
- source/MITRE
- agent/title
- agent/weakness
- agent/references
- agent/first-publish-date
- agent/type
- agent/description
- agent/guess-ai
- agent/software-canonical-lookup
- agent/softwarecombine
- collector/nvd-api
- source/NVD
- agent/author
- agent/severity
- agent/last-modified-date
- agent/event
- collector/epss-latest
- source/FIRST
- agent/source
- agent/tags
- agent/epss
- vendor/phpgurukul
- canonical/phpgurukul land record system