Csentinel

**Name of the Vulnerable Software and Affected Versions** PHPGurukul User Management System version 1.0 **Description** A security flaw exists in PHPGurukul User Management System 1.0. Manipulation of the `emailid` argument in the `/login.php` file can lead to SQL injection. This attack can be initiated remotely. The exploit has been released publicly. **Recommendations** As a temporary workaround, consider restricting access to the `/login.php` file until a fix is available. Sanitize the `emailid` input to prevent SQL injection attacks.

Name of the Vulnerable Software and Affected Versions: PHPGurukul User Management System version 1.0 Description: A security flaw exists in PHPGurukul User Management System 1.0. The issue is related to SQL injection within an unknown function of the file `/admin/edit-user-profile.php`. The `uid` argument can be manipulated to trigger the injection remotely. The exploit has been released publicly. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** PHPGurukul User Management System version 1.0 **Description** A SQL injection issue exists in PHPGurukul User Management System. The vulnerability is located in the `/admin/change-emailid.php` file. Manipulation of the `uid` argument can lead to SQL injection, and the attack can be executed remotely. The exploit has been made public. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.