CVE-2024-10156 | PHPGurukul Boat Booking System 1.0 Sign In Page /admin/index.php username sql injection

Posted by Angelo Barbosa | Oct 18, 2024 | CVE

A vulnerability was found in PHPGurukul Boat Booking System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/index.php of the component Sign In Page. The manipulation of the argument username leads to sql injection.

This vulnerability was named CVE-2024-10156. The attack can be initiated remotely. Furthermore, there is an exploit available.

CVE-2024-10156 | PHPGurukul Boat Booking System 1.0 Sign In Page /admin/index.php username sql injection

Related Posts

CVE-2024-23456 | Zscaler Client Connector up to 4.2.0.149 signature verification

CVE-2023-6608 | Tongda OA 2017 up to 11.9 delete.php DELETE_STR sql injection

CVE-2023-6890 | thorsten phpmyfaq up to 3.1.16 cross site scripting

CVE-2023-52689 | Linux Kernel up to 6.7.1 ALSA scarlett2_meter_ctl_get meter_level_map[] Privilege Escalation (74e3de7cdcc3/993f7b42fa06)