SQL Injection Vulnerability in PHPGurukul Small CRM 3.0 Users Login Panel

SQL Injection Vulnerability in PHPGurukul Small CRM 3.0 Users Login Panel

CVE-2023-50035 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

PHPGurukul Small CRM 3.0 is vulnerable to SQL Injection on the Users login panel because of "password" parameter is directly used in the SQL query without any sanitization and the SQL Injection payload being executed.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.