Enviar #632036: phpgurukul Employee Record Management System 1.3 SQL Injectioninformación

Títulophpgurukul Employee Record Management System 1.3 SQL Injection
DescripciónAn authenticated SQL injection vulnerability exists in the Employee Record Management System (ERMS) within admin/adminprofile.php. The AdminName parameter is directly concatenated into an SQL query without input sanitization or prepared statements. An authenticated attacker can exploit this to execute arbitrary SQL commands, potentially extracting or modifying database contents.
Fuente⚠️ https://github.com/cryptokhush/Employee-Record-Management-System/blob/main/README.md
Usuario
 devcypher (UID 88930)
Sumisión2025-08-11 18:51 (hace 10 meses)
Moderación2025-08-16 08:01 (5 days later)
EstadoDuplicado
Entrada de VulDB311581 [PHPGurukul Employee Record Management System 1.3 /admin/adminprofile.php AdminName inyección SQL]
Puntos0

AnteriorVisión De ConjuntoPróximo

Do you know our Splunk app?

Download it now for free!