CVE-2025-40691
SQL injection in PHPGurukul Online Fire Reporting System
SQL Injection in Online Fire Reporting System v1.2 by PHPGurukul. This vulnerability allows an attacker to retrieve, create, update and delete database via
'todate' parameter in the endpoint '/ofrs/admin/bwdates-report-result.php'.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Affected products
PHPGurukul · Online Fire Reporting SystemWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →