CVE-2023-40852

CRITICAL

Phpgurukul <3.0 - SQL Injection

Title source: llm

Description

SQL Injection vulnerability in Phpgurukul User Registration & Login and User Management System With admin panel 3.0 allows attackers to obtain sensitive information via crafted string in the admin user name field on the admin log in page.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Ashutosh Singh Umath · textwebappsphp

https://www.exploit-db.com/exploits/51695

View Code ZIP pw:eip

References (1)

[Exploit, Third Party Advisory, VDB Entry] https://www.exploit-db.com/exploits/51695

Scores

CVSS v3 9.8

EPSS 0.0007

EPSS Percentile 21.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-89

Status published

Products (1)

user_registration_\&_login_and_user_management_system_with_admin_panel_project/user_registration_\&_login_and_user_management_system_with_admin_panel 3.0

Published Oct 16, 2023

Tracked Since Feb 18, 2026