CVE Alert: CVE-2025-10603 – PHPGurukul – Online Discussion Forum

CVE-2025-10603

HIGH

No exploitation known

A vulnerability was determined in PHPGurukul Online Discussion Forum 1.0. Affected by this issue is some unknown functionality of the file /admin/admin_forum/search_result.php. Manipulation of the argument Search can lead to SQL injection. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized.

CVSS v3.1 (7.3)
Vendor
PHPGurukul
Product
Online Discussion Forum
Versions
1.0
CWE
CWE-89, SQL Injection
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R
Published
2025-09-17T17:02:16.847Z
Updated
2025-09-17T17:02:16.847Z

AI Summary Analysis

Risk verdict

High risk: publicly disclosed remote SQL injection in the admin search function, exploitable without authentication.

Why this matters

Data from the forum database could be exposed or manipulated, with potential disclosure of user records or moderation data. With no user interaction required, an attacker could automate extraction or modification at scale, risking reputational damage and regulatory exposure for affected sites.

Most likely attack path

Attacker targets /admin/admin_forum/search_result.php, supplying crafted input in the Search parameter. No authentication or user interaction needed; low-complexity, network-accessible exploit could succeed and yield data or enable further database manipulation. Exploit evidence exists, increasing likelihood of rapid waves of attempts.

Who is most exposed

Any production site running PHPGurukul Online Discussion Forum 1.0 with internet-facing admin interfaces, especially on typical LAMP deployments or shared hosting, is at higher risk.

Detection ideas

  • Unusual or malformed values in requests to the admin search endpoint; repeated patterns like tautological SQL fragments.
  • Database error messages or stack traces surfacing in responses or error logs.
  • Spikes in queries referencing information_schema or system tables.
  • Logs showing automated scanners or known SQLi payloads hitting the endpoint.
  • WAF alerts for SQLi-like payloads targeting the search parameter.
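The detection ideas above can be turned into a small log-scanning routine. The following is an added example written for this alert, not code from the advisory or from PHPGurukul: it parses Apache combined-format access log lines, picks out requests to the affected endpoint, URL-decodes the Search parameter and labels each request with the indicators that fire (tautology fragments, SQL comment sequences, information_schema references, scanner user agents, 500 responses). The log lines, IP addresses, timestamps and user agents are constructed for the demo; the indicator patterns are heuristics to tune, not proof of an attack.

```php
<?php
// Added example (not code from the advisory or from PHPGurukul): scan web
// server access logs for suspicious use of the Search parameter on the
// affected endpoint. Log lines below are constructed in Apache "combined"
// format; the IPs, timestamps and user agents are invented for the demo.

declare(strict_types=1);

const AFFECTED_PATH = '/admin/admin_forum/search_result.php';

// Indicator patterns matched against the decoded Search value. Each is a
// heuristic, not proof of an attack; they follow the detection ideas in
// the advisory (tautologies, schema probes, automated scanners).
const SEARCH_INDICATORS = [
    'tautology'     => '/\'\s*(or|and)\s*\'?\d*\'?\s*=\s*\'?\d*\'?/i',
    'sql_comment'   => '/(--|\/\*)/',
    'union_select'  => '/\bunion\b.*\bselect\b/i',
    'schema_probe'  => '/\binformation_schema\b/i',
    'stacked_query' => '/;\s*(select|insert|update|delete|drop)\b/i',
];

// User-agent substrings of well-known automated scanners.
const SCANNER_UA = '/sqlmap|nikto/i';

/** Parse one Apache combined-format line into its fields, or null if malformed. */
function parseLogLine(string $line): ?array
{
    $re = '/^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3}) \S+ "[^"]*" "([^"]*)"$/';
    if (!preg_match($re, $line, $m)) {
        return null;
    }
    return [
        'ip'     => $m[1],
        'time'   => $m[2],
        'method' => $m[3],
        'target' => $m[4],
        'status' => (int) $m[5],
        'ua'     => $m[6],
    ];
}

/** Return the decoded Search value if the request hit the affected endpoint. */
function extractSearchParam(string $target): ?string
{
    $parts = parse_url($target);
    if (($parts['path'] ?? '') !== AFFECTED_PATH || empty($parts['query'])) {
        return null;
    }
    parse_str($parts['query'], $query);   // parse_str also URL-decodes the values
    return isset($query['Search']) ? (string) $query['Search'] : null;
}

/** Label every indicator that fires for one request to the endpoint. */
function classifyRequest(array $entry, string $search): array
{
    $hits = [];
    foreach (SEARCH_INDICATORS as $label => $pattern) {
        if (preg_match($pattern, $search)) {
            $hits[] = $label;
        }
    }
    if (preg_match(SCANNER_UA, $entry['ua'])) {
        $hits[] = 'scanner_ua';
    }
    // A 500 from this endpoint usually means the query broke: a DB error leak.
    if ($entry['status'] === 500) {
        $hits[] = 'server_error';
    }
    return $hits;
}

/** Scan log lines; return one alert per endpoint request that has indicators. */
function scanAccessLog(array $lines): array
{
    $alerts = [];
    foreach ($lines as $line) {
        $entry = parseLogLine($line);
        if ($entry === null) {
            continue;
        }
        $search = extractSearchParam($entry['target']);
        if ($search === null) {
            continue;
        }
        $hits = classifyRequest($entry, $search);
        if ($hits !== []) {
            $alerts[] = ['ip' => $entry['ip'], 'time' => $entry['time'],
                         'search' => $search, 'indicators' => $hits];
        }
    }
    return $alerts;
}

// Constructed sample lines: one benign search, two suspicious ones, one unrelated request.
$sampleLog = [
    '203.0.113.5 - - [17/Sep/2025:17:05:01 +0000] "GET /admin/admin_forum/search_result.php?Search=php+forum HTTP/1.1" 200 4821 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [17/Sep/2025:17:05:09 +0000] "GET /admin/admin_forum/search_result.php?Search=%27+or+%271%27%3D%271 HTTP/1.1" 200 9917 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [17/Sep/2025:17:05:12 +0000] "GET /admin/admin_forum/search_result.php?Search=x%27+union+select+1+from+information_schema.tables--+ HTTP/1.1" 500 512 "-" "sqlmap/1.7"',
    '203.0.113.9 - - [17/Sep/2025:17:05:20 +0000] "GET /index.php HTTP/1.1" 200 1200 "-" "Mozilla/5.0"',
];

foreach (scanAccessLog($sampleLog) as $alert) {
    printf("%s %s [%s] Search=%s\n", $alert['time'], $alert['ip'],
        implode(',', $alert['indicators']), $alert['search']);
}
```

Run it with `php scan.php` against real logs by replacing `$sampleLog` with `file('/var/log/apache2/access.log', FILE_IGNORE_NEW_LINES)`. The first sample line produces no alert; the second is flagged as a tautology; the third collects several indicators at once, which is the pattern worth paging on. Repeated alerts from one source IP within a short window are the "rapid waves of attempts" the advisory warns about and are a good trigger for the temporary rate limiting suggested under mitigation.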

Mitigation and prioritisation

  • Apply the vendor patch or upgrade to a fixed release; if none is available, implement input parameterisation and prepared statements in the search pathway.
  • Enforce least-privilege DB accounts and disable detailed DB error messages; restrict the admin interface to trusted networks or MFA-authenticated users.
  • Implement input validation and output encoding, plus WAF rules tuned for SQLi in the search field.
  • Change-management: test remediations in staging, then deploy with monitoring; schedule as a high-priority fix window.
  • Consider temporary access controls or rate limiting for the admin search page until patching.
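The first and third mitigation bullets (prepared statements plus input validation in the search pathway) are shown below as an added example. This is not PHPGurukul's code and the page does not show the vulnerable source, so the table and column names (forum_topics, id, title) and the exact shape of the original query are assumptions. The unsafe function reproduces the CWE-89 pattern the advisory describes; the safe function binds the value as a parameter, escapes LIKE wildcards and caps input length. The demo uses an in-memory SQLite database through PDO (assumes the pdo_sqlite extension) with constructed rows, so it runs offline.

```php
<?php
// Added example, not code from PHPGurukul. Table/column names are assumed;
// the real schema of Online Discussion Forum 1.0 is not given in the advisory.

declare(strict_types=1);

// Vulnerable shape (CWE-89): the request value is concatenated into the SQL
// text, so a value containing quotes rewrites the statement itself.
function searchTopicsUnsafe(PDO $db, string $term): array
{
    $sql = "SELECT id, title FROM forum_topics WHERE title LIKE '%" . $term . "%'";
    return $db->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// Hardened shape: the value travels as a bound parameter, never as SQL text.
function searchTopicsSafe(PDO $db, string $term, int $limit = 50): array
{
    // Input validation: reject empty or oversized terms before touching the DB.
    $term = trim($term);
    if ($term === '' || strlen($term) > 100) {
        return [];
    }
    // LIKE has its own metacharacters; escape them so "%" and "_" typed by the
    // user are matched literally instead of acting as wildcards.
    $escaped = addcslashes($term, '\\%_');
    $stmt = $db->prepare(
        'SELECT id, title FROM forum_topics WHERE title LIKE :pattern ESCAPE \'\\\' LIMIT :limit'
    );
    $stmt->bindValue(':pattern', '%' . $escaped . '%', PDO::PARAM_STR);
    $stmt->bindValue(':limit', $limit, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Demo with constructed data in SQLite. In production the DSN would point at
// the forum's MySQL database using an account granted only SELECT on the
// forum tables (least privilege), and errors would be logged, not displayed.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
$db->exec('CREATE TABLE forum_topics (id INTEGER PRIMARY KEY, title TEXT NOT NULL)');
$insert = $db->prepare('INSERT INTO forum_topics (title) VALUES (:t)');
foreach (['Welcome to the forum', 'PHP 8 upgrade notes', 'Moderation policy'] as $title) {
    $insert->execute([':t' => $title]);
}

$tautology = "' or '1'='1";   // constructed value of the kind the advisory describes
printf("unsafe, tautology: %d rows\n", count(searchTopicsUnsafe($db, $tautology)));
printf("safe, tautology:   %d rows\n", count(searchTopicsSafe($db, $tautology)));
printf("safe, 'php':       %d rows\n", count(searchTopicsSafe($db, 'php')));
```

With the unsafe function the quote in the tautology closes the string literal and the `or` clause makes the WHERE condition true for every row, so the whole table comes back; the safe function sends the same characters as data, the database looks for a title containing that literal text, and nothing matches. The ordinary search still works. The ESCAPE clause and the `addcslashes` call are what keep a user-typed `%` from turning a search into a dump of every row, which is a separate (non-injection) issue that prepared statements alone do not solve.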
