SQL injection vulnerability in PHPGurukul User Registration & Login and User Management System With admin panel 2.1 allows remote attackers to execute arbitrary SQL commands and bypass authentication.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25952
Reference (s):
- https://phpgurukul.com/
- https://systemweakness.com/cve-2020-25952-f60fff8ffac
- https://th3cyb3rc0p.medium.com/cve-2020-25952-f60fff8ffac
- https://www.exploit-db.com/exploits/49052