| Title | PHPGurukul User Registration & Login and User Management System 3.3 SQL Injection |
|---|
| Description | The application does not sanitize the id parameter in the admin panel (lastthirtyays-reg-users.php). This allows attackers to inject arbitrary SQL queries using time-based blind techniques to bypass filters and extract information from the database. |
|---|
| Source | ⚠️ https://github.com/secfake/mycve/issues/2 |
|---|
| User | anhtrankma (UID 88207) |
|---|
| Submission | 07/22/2025 08:32 (9 months ago) |
|---|
| Moderation | 07/25/2025 08:49 (3 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 317571 [PHPGurukul User Registration & Login and User Management 3.3 lastthirtyays-reg-users.php ID sql injection] |
|---|
| Points | 17 |
|---|