Vulnerability Details CVE-2025-40687
SQL Injection in Online Fire Reporting System v1.2 by PHPGurukul. This vulnerability allows an attacker to retrieve, create, update and delete database via
'mobilenumber', 'teamleadname' and 'teammember' parameters in the endpoint '/ofrs/admin/add-team.php'.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 7.1%
CVSS Severity
CVSS v3 Score 9.8
Products affected by CVE-2025-40687
-
cpe:2.3:a:phpgurukul:online_fire_reporting_system:1.2