Sruki

Name of the Vulnerable Software and Affected Versions: PHPGurukul Small CRM version 4.0 Description: A SQL injection issue exists in PHPGurukul Small CRM version 4.0, specifically within the `/profile.php` file. The `Name` parameter is susceptible to manipulation, allowing for remote exploitation. The exploit has been publicly disclosed. Recommendations: As a temporary workaround, consider restricting access to the `/profile.php` file until a patch is available. Sanitize the `Name` parameter before using it in any SQL queries.