| शीर्षक | PHPGurukul Student Study Center Management System using PHP and MySQL V1.0 SQL Injection |
|---|
| विवरण | During the security review process of the 'Student Learning Center Management System Using PHP and MySQL', I discovered a critical SQL injection vulnerability in the '/admin/report.php' file. This vulnerability arises from insufficient input validation of the "fromdate"parameters, allowing attackers to inject malicious SQL queries. Therefore, attackers can access databases, modify or delete data, and access sensitive information without authorization. Immediate remedial measures need to be taken to ensure system security and protect data integrity. |
|---|
| स्रोत | ⚠️ https://github.com/6BXK6/cve/issues/11 |
|---|
| उपयोगकर्ता | FengZheng (UID 84533) |
|---|
| सबमिशन | 25/05/2025 02:19 PM (11 महीनों पहले) |
|---|
| संयम | 26/05/2025 10:33 PM (1 day later) |
|---|
| स्थिति | स्वीकृत |
|---|
| VulDB प्रविष्टि | 310331 [PHPGurukul Student Study Center Management System 1.0 /admin/report.php fromdate/todate SQL इंजेक्शन] |
|---|
| अंक | 20 |
|---|