Cyber Posture

CVE-2025-2058

Severity: High · Public PoC

Published: 07 March 2025
Modified: 08 May 2025
KEV Added: not listed
Patch: not listed
CVSS Score: 7.3 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
EPSS Score: 0.0003 (10.0th percentile)
Risk Priority: 15 (weighting: 60% EPSS, 20% KEV, 20% CVSS)

Security Summary

CVE-2025-2058 is a critical SQL injection vulnerability affecting PHPGurukul Emergency Ambulance Hiring Portal version 1.0. The flaw resides in an unknown functionality of the file /admin/search.php, where manipulation of the searchdata argument triggers the injection. It is classified under CWE-74 and CWE-89 and carries a CVSS v3.1 base score of 7.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L).

Remote attackers can exploit this vulnerability without authentication or user interaction; it requires only network access and has low attack complexity. Successful exploitation results in limited impact on confidentiality, integrity, and availability of the backing database.

Advisories and details are available via VulDB entries (ctiid.298813, id.298813, submit.514462), a GitHub issue at https://github.com/12T40910/CVE/issues/4, and the vendor site at https://phpgurukul.com/. The exploit has been publicly disclosed and may be used.
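The page states only that the searchdata parameter of /admin/search.php is injectable and does not show the vendor's code. The following added example (not PHPGurukul's code) assumes the common root cause for this class of bug, a search term concatenated into a LIKE query, and places it beside the hardened form a maintainer would ship: a prepared statement with a bound parameter and escaped LIKE wildcards. The table and column names, and the sample rows, are constructed for the demo.

```php
<?php
// Added illustration for CVE-2025-2058, not the vendor's code.
// Assumption: the search term reaches SQL by string concatenation.
// Table name, columns and sample rows are constructed for this demo.

// --- Vulnerable pattern (CWE-89): user input spliced into the SQL text ---
function searchVulnerable(PDO $db, string $searchdata): array
{
    // A quote character in $searchdata changes the structure of the
    // statement instead of being treated as data.
    $sql = "SELECT id, name, phone FROM tblbooking "
         . "WHERE name LIKE '%" . $searchdata . "%'";
    return $db->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// --- Hardened form: prepared statement, bound parameter, escaped wildcards ---
function searchSafe(PDO $db, string $searchdata): array
{
    // Escape %, _ and \ so the user cannot widen the match, then bind the
    // whole pattern as one parameter. The SQL text itself never changes.
    $pattern = '%' . addcslashes($searchdata, '%_\\') . '%';
    $stmt = $db->prepare(
        "SELECT id, name, phone FROM tblbooking "
        . "WHERE name LIKE :pattern ESCAPE '\\'"
    );
    $stmt->bindValue(':pattern', $pattern, PDO::PARAM_STR);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Self-contained demo against an in-memory SQLite database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE tblbooking (id INTEGER PRIMARY KEY, name TEXT, phone TEXT)");
$db->exec("INSERT INTO tblbooking (name, phone) VALUES "
        . "('Alice Smith', '555-0100'), ('Bob O''Brien', '555-0101')");

// A legitimate name containing an apostrophe is enough to show the difference:
// the concatenated query breaks, the prepared statement treats it as data.
$input = "O'Brien";

try {
    print_r(searchVulnerable($db, $input));
} catch (PDOException $e) {
    echo "Concatenated query failed: " . $e->getMessage() . "\n";
}
print_r(searchSafe($db, $input)); // returns the single matching row
```

The fix is structural, not a filter: the statement is compiled before the parameter value is supplied, so no value of searchdata can alter the query. Escaping the LIKE metacharacters is a separate, smaller concern (it stops a search term from matching every row), and the ESCAPE clause makes the chosen escape character explicit so the behaviour does not depend on database defaults.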

Details

CWE(s): CWE-74, CWE-89

Affected Products

Vendor: phpgurukul
Product: emergency ambulance hiring portal
Version: 1.0

MITRE ATT&CK Enterprise Techniques

T1190 Exploit Public-Facing Application (Initial Access)
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

T1213.006 Databases (Collection)
Adversaries may leverage databases to mine valuable information.

T1505 Server Software Component (Persistence)
Adversaries may abuse legitimate extensible development features of servers to establish persistent access to systems.

Why these techniques?

Unauthenticated SQL injection in a public-facing web application (/admin/search.php) enables initial access through exploitation of a public-facing application (T1190), collection of data from the backing database (T1213.006), and, per the advisory mapping, abuse of server software components (T1505).
