4 matches found
CVE-2024-11967 PHPGurukul Complaint Management system reset-password.php sql injection
A vulnerability was found in PHPGurukul Complaint Management system 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/reset-password.php. The manipulation of the argument email leads to sql injection. It is possible to launch the attack remotely. The...
CVE-2024-11965 PHPGurukul Complaint Management system reset-password.php sql injection
A vulnerability has been found in PHPGurukul Complaint Management system 1.0 and classified as critical. This vulnerability affects unknown code of the file /user/reset-password.php. The manipulation of the argument email leads to sql injection. The attack can be initiated remotely. The exploit h...
CVE-2024-11965 PHPGurukul Complaint Management system reset-password.php sql injection
A vulnerability has been found in PHPGurukul Complaint Management system 1.0 and classified as critical. This vulnerability affects unknown code of the file /user/reset-password.php. The manipulation of the argument email leads to sql injection. The attack can be initiated remotely. The exploit h...
CVE-2020-28874
The CVE-2020-28874 issue affects ProjectSend’s reset-password.php before r1295, where incorrect business logic allows password reset without a valid token. Root cause: user_data is derived from an uncleaned username (GET parameter) and then reused in POST flow, enabling an attacker to trick the s...