Headline
CVE-2021-37807: Online Shopping Portal 3.1 SQL Injection ≈ Packet Storm
An SQL Injection vulneraility exists in https://phpgurukul.com Online Shopping Portal 3.1 via the email parameter on the /check_availability.php endpoint that serves as a checker whether a new user’s email is already exist within the database.
Related news
CVE-2021-41647: GitHub - kaushikjadhav01/Online-Food-Ordering-Web-App: Online Food Ordering System Website using basic PHP, SQL, HTML & CSS. You can use any one of XAMPP, WAMP or LAMP server to run th...
An un-authenticated error-based and time-based blind SQL injection vulnerability exists in Kaushik Jadhav Online Food Ordering Web App 1.0. An attacker can exploit the vulnerable "username" parameter in login.php and retrieve sensitive database information, as well as add an administrative user.