| शीर्षक | PHPGurukul Online Course Registration System ≤ 3.1 SQL Injection |
|---|
| विवरण | A critical SQL Injection vulnerability was discovered in PHPGurukul Online Course Registration System v3.1. The vulnerability exists in the file /enroll.php, where multiple POST parameters (studentregno, Pincode, session, department, level, course, sem) are directly concatenated into an INSERT SQL query without any input validation or sanitization. An authenticated attacker can inject malicious SQL commands to extract sensitive data or compromise the database. |
|---|
| स्रोत | ⚠️ https://note-hxlab.wetolink.com/share/qX132pk8Wofk |
|---|
| उपयोगकर्ता | angelkate (UID 94159) |
|---|
| सबमिशन | 07/01/2026 07:21 AM (5 महीनों पहले) |
|---|
| संयम | 09/01/2026 10:42 AM (2 days later) |
|---|
| स्थिति | स्वीकृत |
|---|
| VulDB प्रविष्टि | 340255 [PHPGurukul Online Course Registration System तक 3.1 /enroll.php SQL इंजेक्शन] |
|---|
| अंक | 20 |
|---|