| Title | Phpgurukul Zoo Management System V2.1 SQL Injection |
|---|
| Description | During the security assessment of the RTBS Project PH, a critical SQL injection vulnerability was found in the /aboutus.php file. This flaw arises from insufficient validation of the pagetitle parameter, which allows attackers to inject arbitrary SQL commands. As a result, malicious users can compromise the database, potentially exposing confidential data, modifying information, or even deleting critical records. Immediate action is needed to mitigate this vulnerability and ensure the security and integrity of the system. |
|---|
| Source | ⚠️ https://github.com/81a2in9/cve/issues/1 |
|---|
| User | B1a2ing (UID 83492) |
|---|
| Submission | 03/30/2025 13:21 (1 Year ago) |
|---|
| Moderation | 04/03/2025 17:48 (4 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 303245 [PHPGurukul Zoo Management System 2.1 /aboutus.php pagetitle/pagedes sql injection] |
|---|
| Points | 20 |
|---|