Arbitrary Code Execution Vulnerability in COVID 19 Testing Management System
CVE-2024-53604
Currently unrated
Key Information:
- Vendor
- PHPGurukul
- Vendor
- CVE Published:
- 27 November 2024
Summary
A SQL Injection vulnerability was found in /covid-tms/check_availability.php in PHPGurukul COVID 19 Testing Management System v1.0, which allows remote attackers to execute arbitrary code via the mobnumber POST request parameter.
References
Timeline
Vulnerability published
Vulnerability Reserved