Vulnerability Description
SQL injection vulnerability in PHPGurukul User Registration & Login and User Management System With admin panel 2.1 allows remote attackers to execute arbitrary SQL commands and bypass authentication.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Phpgurukul | User Registration \& Login And User Management System | 2.1 |
Related Weaknesses (CWE)
References
- https://phpgurukul.com/Vendor Advisory
- https://systemweakness.com/cve-2020-25952-f60fff8ffacExploitThird Party Advisory
- https://th3cyb3rc0p.medium.com/cve-2020-25952-f60fff8ffacExploitThird Party Advisory
- https://www.exploit-db.com/exploits/49052Third Party AdvisoryVDB Entry
- https://phpgurukul.com/Vendor Advisory
- https://systemweakness.com/cve-2020-25952-f60fff8ffacExploitThird Party Advisory
- https://th3cyb3rc0p.medium.com/cve-2020-25952-f60fff8ffacExploitThird Party Advisory
- https://www.exploit-db.com/exploits/49052Third Party AdvisoryVDB Entry
FAQ
What is CVE-2020-25952?
CVE-2020-25952 is a vulnerability with a CVSS score of 9.8 (CRITICAL). SQL injection vulnerability in PHPGurukul User Registration & Login and User Management System With admin panel 2.1 allows remote attackers to execute arbitrary SQL commands and bypass authentication.
How severe is CVE-2020-25952?
CVE-2020-25952 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2020-25952?
Check the references section above for vendor advisories and patch information. Affected products include: Phpgurukul User Registration \& Login And User Management System.