CVE-2023-1949

Name of the Vulnerable Software and Affected Versions PHPGurukul BP Monitoring Management System version 1.0

Description A critical issue was found in the Change Password Handler component, specifically in the file change-password.php. The manipulation of the password argument leads to SQL injection. This issue can be exploited remotely.

Recommendations For PHPGurukul BP Monitoring Management System version 1.0, consider disabling the Change Password Handler component until a patch is available. Restrict access to the change-password.php file to minimize the risk of exploitation. Avoid using the password argument in the affected component until the issue is resolved.