CVE-2025-2386 – PHPGurukul Local Services Search Engine Management System serviceman-search.php sql injection

https://notcve.org/view.php?id=CVE-2025-2386

17 Mar 2025 — A vulnerability was found in PHPGurukul Local Services Search Engine Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /serviceman-search.php. The manipulation of the argument location leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/aionman/cve/issues/7 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •