PHPGurukul Art Gallery Management System SQL Injection Vulnerability

A critical SQL injection vulnerability has been identified in PHPGurukul Art Gallery Management System version 1.0. The issue resides in the file '/admin/edit-artist-detail.php' when the 'editid' parameter is set to '1'. The vulnerability arises from inadequate input validation of the 'Name' argument, enabling attackers to inject malicious SQL queries. This could lead to unauthorized database access, data modification or deletion, and exposure of sensitive information.

Impact

Exploitation of this vulnerability allows for SQL injection, which can be used to manipulate database queries. This could result in unauthorized data access, data modification or deletion, and in some cases, executing administrative operations on the database.