CVE-2026-5583 | PHPGurukul Online Shopping Portal Project 2.1 Parameter /my-profile.php fullname sql injection

Inserito da Angelo Barbosa | Apr 4, 2026 | CVE

A vulnerability has been found in PHPGurukul Online Shopping Portal Project 2.1 and classified as critical. This affects an unknown part of the file /my-profile.php of the component Parameter Handler. The manipulation of the argument fullname leads to sql injection.

This vulnerability is traded as CVE-2026-5583. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

CVE-2026-5583 | PHPGurukul Online Shopping Portal Project 2.1 Parameter /my-profile.php fullname sql injection

Post correlati

CVE-2026-24332 | Discord up to 2026-01-16 WebSocket API Service response discrepancy

CVE-2026-31999 | OpenClaw up to 2026.3.0 on Windows Wrapper os command injection (GHSA-6f6j-wx9w-ff4j)

CVE-2024-6737 | 2100 Technology Electronic Official Document Management System up to 5.0.76 Setting access control

CVE-2024-7919 | Anhui Deshun Intelligent Technology Jieshun JieLink+ JSOTC2016 up to 20240805 GetDataList access control