| Titel | PHPGurukul Human Metapneumovirus Testing Management System 1.0 SQL Injection |
|---|
| Beschreibung | When updating user information, the **mobilenumber** parameter in `profile.php` is vulnerable to SQL injection attacks. This vulnerability stems from insufficient validation of user input for the "mobnumber" parameter, allowing attackers to inject time-based malicious SQL queries. |
|---|
| Quelle | ⚠️ https://github.com/SECWG/cve/issues/7 |
|---|
| Benutzer | WenGui (UID 82184) |
|---|
| Einreichung | 06.03.2025 15:35 (vor 1 Jahr) |
|---|
| Moderieren | 16.03.2025 14:19 (10 days later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 299873 [PHPGurukul Human Metapneumovirus Testing Management System 1.0 /profile.php aid/adminname/mobilenumber/email SQL Injection] |
|---|
| Punkte | 17 |
|---|