| Título | PHPGurukul Human Metapneumovirus Testing Management System 1.0 SQL Injection |
|---|
| Descripción | When updating user information, the **mobilenumber** parameter in `profile.php` is vulnerable to SQL injection attacks. This vulnerability stems from insufficient validation of user input for the "mobnumber" parameter, allowing attackers to inject time-based malicious SQL queries. |
|---|
| Fuente | ⚠️ https://github.com/SECWG/cve/issues/7 |
|---|
| Usuario | WenGui (UID 82184) |
|---|
| Sumisión | 2025-03-06 15:35 (hace 1 Año) |
|---|
| Moderación | 2025-03-16 14:19 (10 days later) |
|---|
| Estado | Aceptado |
|---|
| Entrada de VulDB | 299873 [PHPGurukul Human Metapneumovirus Testing Management System 1.0 /profile.php aid/adminname/mobilenumber/email inyección SQL] |
|---|
| Puntos | 17 |
|---|