Security Advisory

CVE-2025-40690

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-09-11 11:23:32

Last updated 2025-09-11 14:35:41

Assigner INCIBE

State PUBLISHED

Description

SQL Injection in Online Fire Reporting System v1.2 by PHPGurukul. This vulnerability allows an attacker to retrieve, create, update and delete database via teamid parameter in the endpoint /ofrs/admin/edit-team.php.

← Browse all CVEs View on cve.org ↗