A vulnerability has been found in PHPGurukul News Portal 4.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/index.php of the component Login. The manipulation of the argument Username leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XPhpgurukul News Portal
APPPhpgurukul4.1
Related vulnerabilities
Nieautoryzowany upload pliku dowolnego formatu w Phpgurukul News Portal
SQL Injection w Phpgurukul News Portal V4.1 (check_availablity.php)
Arbitrary File Deletion w Phpgurukul News Portal V4.1 (remove_file.php)
A vulnerability has been found in PHPGurukul News Portal 4.1 and classified as critical. Affected by this vuln...
A vulnerability was found in PHPGurukul News Portal Project 4.1 and classified as critical. Affected by this i...