| عنوان | PHPGurukul Students Record Management Project in PHP V 3.20 SQL Injection |
|---|
| الوصف | A critical SQL injection vulnerability has been identified in version 3.20 of the Students Record Management Project in PHP.
This vulnerability resides in the login functionality of the login.php file.
Due to insufficient input validation and lack of proper sanitization, an attacker can exploit the id parameter to inject malicious SQL commands.
Successful exploitation may allow an attacker to bypass authentication or extract sensitive information from the database.
This vulnerability poses a significant security risk as it can be exploited without prior authentication.
Immediate remediation is strongly recommended to protect the system from potential attacks. |
|---|
| المصدر | ⚠️ https://github.com/y7syeu/CVE/issues/1 |
|---|
| المستخدم | Huoma (UID 85596) |
|---|
| ارسال | 22/05/2025 10:55 AM (1 سنة منذ) |
|---|
| الاعتدال | 26/05/2025 03:35 PM (4 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 310312 [PHPGurukul Student Record System 3.20 /login.php معرف حقن SQL] |
|---|
| النقاط | 20 |
|---|