| タイトル | PHPGurukul Students Record Management Project in PHP V 3.20 SQL Injection |
|---|
| 説明 | A critical SQL injection vulnerability has been identified in version 3.20 of the Students Record Management Project in PHP.
This vulnerability resides in the login functionality of the login.php file.
Due to insufficient input validation and lack of proper sanitization, an attacker can exploit the id parameter to inject malicious SQL commands.
Successful exploitation may allow an attacker to bypass authentication or extract sensitive information from the database.
This vulnerability poses a significant security risk as it can be exploited without prior authentication.
Immediate remediation is strongly recommended to protect the system from potential attacks. |
|---|
| ソース | ⚠️ https://github.com/y7syeu/CVE/issues/1 |
|---|
| ユーザー | Huoma (UID 85596) |
|---|
| 送信 | 2025年05月22日 10:55 (1 年 ago) |
|---|
| モデレーション | 2025年05月26日 15:35 (4 days later) |
|---|
| ステータス | 承諾済み |
|---|
| VulDBエントリ | 310312 [PHPGurukul Student Record System 3.20 /login.php 識別子 SQLインジェクション] |
|---|
| ポイント | 20 |
|---|