CVE-2025-70062
Status: Received - Intake
CSRF Vulnerability in PHPGurukul Hospital System Allows Privilege Escalation

Publication date: 2026-02-18

Last updated on: 2026-02-23

Assigner: MITRE

Description
PHPGurukul Hospital Management System v4.0 contains a Cross-Site Request Forgery (CSRF) vulnerability in the 'Add Doctor' module. The application fails to enforce CSRF token validation on the add-doctor.php endpoint. This allows remote attackers to create arbitrary Doctor accounts (privileged users) by tricking an authenticated administrator into visiting a malicious page.
Meta Information
Generated: 2026-06-16
AI Q&A generated: 2026-02-18
EPSS evaluated: 2026-06-15
Affected Vendors & Products
Vendor: phpgurukul
Product: hospital_management_system
Version: 4.0
CWE
CWE-352: The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
Executive Summary

CVE-2025-70062 is a Cross-Site Request Forgery (CSRF) vulnerability in the PHPGurukul Hospital Management System version 4.0, specifically in the 'Add Doctor' module. The application does not enforce CSRF token validation on the add-doctor.php endpoint. This flaw allows a remote attacker to trick an authenticated administrator into visiting a malicious webpage, which then causes the system to create arbitrary Doctor accounts without the administrator's consent. [1]

Impact Analysis

This vulnerability can have serious impacts as it allows attackers to create privileged Doctor accounts without authorization. By exploiting the CSRF flaw, an attacker can perform unauthorized actions on behalf of an authenticated administrator, potentially leading to unauthorized access, manipulation of hospital management data, and compromise of system integrity.

Detection Guidance

This vulnerability can be detected by verifying whether the add-doctor.php endpoint enforces CSRF token validation. One practical approach is to attempt the add-doctor action without a valid CSRF token and observe whether the request is accepted.

Since the vulnerability is a lack of CSRF protection, tools like curl or Burp Suite can send a POST request to the add-doctor.php endpoint without a CSRF token so you can check whether the server processes it.

Example curl command to test for the vulnerability (replace the URL and parameters accordingly):

curl -X POST https://targetsite.com/add-doctor.php -d "doctor_name=Test&specialization=Test" --cookie "PHPSESSID=your_session_id"

If the request succeeds without requiring a CSRF token, the vulnerability is present. [1]

Mitigation Strategies

To mitigate this CSRF vulnerability, immediately implement CSRF token validation on the add-doctor.php endpoint to ensure that all requests to add a doctor include a valid, unique token tied to the user's session.

Additionally, educate administrators to avoid clicking on suspicious links while authenticated, as the vulnerability relies on tricking an authenticated user.

If possible, restrict access to the add-doctor.php functionality to trusted IP addresses or networks until a proper fix is deployed.
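One way to implement the session-bound token check described above, as an added example written for this page rather than PHPGurukul's own code; the field name csrf_token, the session key and the form fields are assumptions:

```php
<?php
// Added example: session-bound CSRF token for a form handler such as add-doctor.php.
// Not PHPGurukul's code; the 'csrf_token' field name and session key are assumptions.
session_start();

// Issue one cryptographically random token per session (rotate it on login/logout).
function csrf_token(): string
{
    if (empty($_SESSION['csrf_token'])) {
        $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $_SESSION['csrf_token'];
}

// Compare the submitted token with the session copy in constant time.
function csrf_valid(?string $submitted): bool
{
    return isset($_SESSION['csrf_token'])
        && is_string($submitted)
        && hash_equals($_SESSION['csrf_token'], $submitted);
}

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // Refuse the state-changing request unless the token round-tripped from our own form.
    if (!csrf_valid($_POST['csrf_token'] ?? null)) {
        http_response_code(403);
        exit('Invalid CSRF token');
    }
    // ... existing add-doctor logic (validate input, insert the doctor record) goes here ...
}

// The form embeds the token in a hidden field; a page on another origin cannot read it,
// so a forged cross-site POST arrives without a matching token and is rejected above.
$token = htmlspecialchars(csrf_token(), ENT_QUOTES, 'UTF-8');
echo '<form method="post" action="add-doctor.php">';
echo '<input type="hidden" name="csrf_token" value="' . $token . '">';
echo '<input type="text" name="doctor_name"> <input type="text" name="specialization">';
echo '<button type="submit">Add Doctor</button></form>';
```

Sending the session cookie with the SameSite attribute adds defence in depth, but the per-session token remains the control that closes this CWE-352 gap.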
