SQL Injection Flaw in PHPGurukul Emergency Ambulance Hiring Portal
CVE-2024-3087
Key Information:
- Vendor
PHPgurukul
- Vendor
- CVE Published:
- 30 March 2024
Badges
What is CVE-2024-3087?
A serious SQL injection vulnerability has been discovered in the PHPGurukul Emergency Ambulance Hiring Portal version 1.0, specifically impacting the ambulance-tracking.php file. This vulnerability arises from improper sanitization of user input through the 'searchdata' parameter, allowing malicious actors to execute arbitrary SQL commands remotely. Successful exploitation could lead to unauthorized access to sensitive data from the backend database, causing significant risks to data confidentiality and integrity. Users and administrators are urged to apply the necessary security patches and implement input validation measures to safeguard against potential attacks.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
Emergency Ambulance Hiring Portal 1.0
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
References
CVSS V3.1
Timeline
- ๐ก
Public PoC available
- ๐พ
Exploit known to exist
Vulnerability published
Vulnerability Reserved