CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-40691

SQL Injection in Online Fire Reporting System v1.2 by PHPGurukul. This vulnerability allows an attacker to retrieve, create, update and delete database via 'todate' parameter in the endpoint '/ofrs/admin/bwdates-report-result.php'.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 7.1%

CVSS Severity

CVSS v3 Score 9.8

References

https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-phpgurukuls-online-fire-reporting-system

Products affected by CVE-2025-40691

Phpgurukul » Online Fire Reporting System » Version: 1.2

cpe:2.3:a:phpgurukul:online_fire_reporting_system:1.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-40691

Products

Pricing

Contact Us