| Title | PHPGurukul Phpgurukul Zoo Management System 2.1 SQL Injection |
|---|
| Description | While conducting a security review of "Zoo Management System", I discovered a critical SQL injection vulnerability in the "/admin/index.php" file. The vulnerability stems from insufficient user input validation of the "username" parameter, allowing an attacker to inject malicious SQL queries. As a result, attackers can gain unauthorized access to the database, modify or delete data, and access sensitive information. Immediate remedial action is required to ensure system security and protect data integrity. |
|---|
| Source | ⚠️ https://github.com/Camllia2024/mycve/issues/2 |
|---|
| User | Camllia218 (UID 83396) |
|---|
| Submission | 03/30/2025 13:42 (1 Year ago) |
|---|
| Moderation | 04/03/2025 17:48 (4 days later) |
|---|
| Status | Duplicate |
|---|
| VulDB entry | 239221 [Zoo Management System 1.0/2.1 Admin Sign-in Page username/password sql injection] |
|---|
| Points | 0 |
|---|