Security Advisory

CVE-2025-65380

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-12-02 00:00:00

Last updated 2025-12-02 21:58:55

Assigner mitre

State PUBLISHED

Description

PHPGurukul Billing System 1.0 is vulnerable to SQL Injection in the admin/index.php endpoint. Specifically, the username parameter accepts unvalidated user input, which is then concatenated directly into a backend SQL query.

← Browse all CVEs View on cve.org ↗