| 제목 | PHPGurukul Students Record Management Project in PHP V 3.20 SQL Injection |
|---|
| 설명 | A critical SQL injection vulnerability has been identified in version 3.20 of the Students Record Management Project in PHP.
This vulnerability resides in the login functionality of the login.php file.
Due to insufficient input validation and lack of proper sanitization, an attacker can exploit the id parameter to inject malicious SQL commands.
Successful exploitation may allow an attacker to bypass authentication or extract sensitive information from the database.
This vulnerability poses a significant security risk as it can be exploited without prior authentication.
Immediate remediation is strongly recommended to protect the system from potential attacks. |
|---|
| 원천 | ⚠️ https://github.com/y7syeu/CVE/issues/1 |
|---|
| 사용자 | Huoma (UID 85596) |
|---|
| 제출 | 2025. 05. 22. AM 10:55 (1 년도 ago) |
|---|
| 모더레이션 | 2025. 05. 26. PM 03:35 (4 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 310312 [PHPGurukul Student Record System 3.20 /login.php 아이디 SQL 주입] |
|---|
| 포인트들 | 20 |
|---|