top of page
perceptive_background_267k.jpg

A time-based blind SQL Injection vulnerability exists in PHPGurukul Cyber Cafe Management System v1.0 within the adminprofile.php endpoint. The application fail…

Published:

14 januari 2026 om 23:00:00

Alert date:

15 januari 2026 om 23:01:12

Source:

nvd.nist.gov

Click to open the original link from this advisory

Web Technologies, Database & Storage

A time-based blind SQL injection vulnerability has been discovered in PHPGurukul Cyber Cafe Management System version 1.0. The vulnerability exists in the adminprofile.php endpoint where the adminname parameter is not properly sanitized. Authenticated attackers can exploit this flaw to inject arbitrary SQL expressions. The vulnerability allows for time-based blind SQL injection attacks through improper input validation. This represents a significant security risk for organizations using this cyber cafe management system.

Technical details

Mitigation steps:

Affected products:

PHPGurukul Cyber Cafe Management System

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2025-70893
https://github.com/efekaanakkar/Cyber-Cafe-Management-System-CVEs/tree/main/CVE-2025-70893
https://phpgurukul.com/cyber-cafe-management-system-using-php-mysql/

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Deze website toont informatie afkomstig van externe bronnen; Perceptive aanvaardt geen verantwoordelijkheid voor de juistheid, volledigheid of actualiteit van deze informatie.

bottom of page