Security Advisory

CVE-2025-40691

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-09-11 11:25:36

Last updated 2025-09-11 14:35:35

Assigner INCIBE

State PUBLISHED

Description

SQL Injection in Online Fire Reporting System v1.2 by PHPGurukul. This vulnerability allows an attacker to retrieve, create, update and delete database via todate parameter in the endpoint /ofrs/admin/bwdates-report-result.php.

← Browse all CVEs View on cve.org ↗