SQL Injection Vulnerability in Maid Hiring Management System by PHP Gurukul
CVE-2023-37690

4.8MEDIUM

Key Information:

Vendor: PHPgurukul
Status: Maid Hiring Management System
Vendor: CVE Published:; 8 August 2023

What is CVE-2023-37690?

The Maid Hiring Management System version 1.0 has been found to have a SQL injection vulnerability within its Search Maid functionality. This flaw allows an attacker to manipulate SQL queries through user input, potentially leading to unauthorized access to sensitive data in the database. Users of the affected system should apply appropriate security measures to mitigate this vulnerability. For more details and mitigation strategies, please refer to the official documentation and bug reports.

References

http://phpgurukul.com

https://phpgurukul.com/maid-hiring-management-system-usin...

http://maid.com

CVSS V3.1

Score:

4.8

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 8, 2023
Vulnerability Reserved
Jul 10, 2023

PHPgurukul

What is CVE-2023-37690?

References

CVSS V3.1

Timeline