216.73.217.172

CVE-2025-1588

· Published 23/02/2025 16:15 · Modified 28/02/2025 19:36

Labels: CVE-2025-1588 2025-02-23CVE-2025-1588CWE-22CWE-23[email protected]

Essential information

Published
23/02/2025 16:15
Modified
28/02/2025 19:36
Author
Creator
CVSS
6.5 MEDIUM (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

CVSS metrics

Description

A vulnerability has been found in PHPGurukul Online Nurse Hiring System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/manage-nurse.php. The manipulation of the argument profilepic leads to path traversal: '../filedir'. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The initial researcher advisory mentions contradicting vulnerability classes.

NVD status

Status
Analyzed — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
phpgurukul / online nurse hiring system cpe:2.3:a:phpgurukul:online_nurse_hiring_system:1.0:*:*:*:*:*:*:*

References