PHPGurukul Apartment Visitors Management System
0 remedies
cpe:2.3:a:phpgurukul:apartment_visitor_management_system:*:*:*:*:*:*:*
0 remedies
- 1.0
PHPGurukul Apartment Visitors Management System SQL Injection Vulnerability in category.php
Vulnerability
A critical SQL injection vulnerability has been identified in version 1.0 of the PHPGurukul Apartment Visitors Management System. The issue resides in the category.php file, where the categoryname parameter is manipulated to inject malicious SQL queries. This vulnerability can be exploited remotely, without any authentication, allowing attackers to access, modify, or delete database information.
Impact
Exploitation of this vulnerability allows for unauthorized database access, manipulation of data, and potential disruption of services.
Reproduction
The vulnerability can be reproduced by sending a POST request to category.php with a crafted categoryname parameter that includes malicious SQL payloads. This can be done using tools like sqlmap, which automates the injection process and exploits the vulnerability.
Remediation
No specific mitigation measures are known for this vulnerability.
Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM
Vulnerability Rating
Custom Algorithm
spread
0.3impact
7.5exploitability
9.1remediation
0.0relevance
0.0threat
6.4urgency
2.9incentive
10.0Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.