CVE-2025-4813: PHPGurukul Human Metapneumovirus Testing Management System edit-phlebotomist.php sql injection
First published: Fri May 16 2025(Updated: )
A vulnerability, which was classified as critical, was found in PHPGurukul Human Metapneumovirus Testing Management System 1.0. Affected is an unknown function of the file /edit-phlebotomist.php. The manipulation of the argument mobilenumber leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Credit: cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| PHPGurukul Human Metapneumovirus |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2025-4813?
CVE-2025-4813 is classified as a critical vulnerability.
What type of vulnerability is CVE-2025-4813?
CVE-2025-4813 is a SQL injection vulnerability found in the PHPGurukul Human Metapneumovirus Testing Management System.
What is affected by CVE-2025-4813?
CVE-2025-4813 affects the file /edit-phlebotomist.php in the PHPGurukul Human Metapneumovirus Testing Management System.
How do I fix CVE-2025-4813?
To fix CVE-2025-4813, sanitize and validate the input for the mobilenumber argument in the affected PHP script.
Who is affected by CVE-2025-4813?
Organizations using PHPGurukul Human Metapneumovirus Testing Management System version 1.0 are affected by CVE-2025-4813.
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/references
- agent/description
- agent/type
- agent/title
- agent/first-publish-date
- agent/guess-ai
- agent/software-canonical-lookup
- agent/softwarecombine
- collector/nvd-api
- source/NVD
- agent/author
- agent/last-modified-date
- agent/severity
- agent/event
- collector/epss-latest
- source/FIRST
- agent/source
- agent/tags
- agent/epss
- vendor/phpgurukul
- canonical/phpgurukul human metapneumovirus