SQL Injection Vulnerability in PHPGurukul Small CRM 3.0 Users Login Panel
CVE-2023-50035 · CRITICAL Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
PHPGurukul Small CRM 3.0 is vulnerable to SQL Injection on the Users login panel because of "password" parameter is directly used in the SQL query without any sanitization and the SQL Injection payload being executed.
Learn more about our Cis Benchmark Audit For Microsoft Sql Server.