PT-2026-30430 · Unknown · Phpgurukul Online Shopping Portal Project
F1Rstb100D
·
Published
2026-04-05
·
Updated
2026-04-05
·
CVE-2026-5560
CVSS v2.0
6.5
Medium
| Vector | AV:N/AC:L/Au:S/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
PHPGurukul Online Shopping Portal Project version 2.1
Description
A SQL injection issue exists in PHPGurukul Online Shopping Portal Project 2.1. The issue is located in the
/payment-method.php file, within the Parameter Handler component. Manipulation of the paymethod parameter can trigger a SQL injection. The attack can be initiated remotely and the exploit has been made public.Recommendations
Update to a newer version of PHPGurukul Online Shopping Portal Project that addresses this issue.
Exploit
Fix
SQL injection
Special Elements Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Phpgurukul Online Shopping Portal Project