UNKNOWNCVE-2026-5641
PHPGurukul Online Shopping Portal Project Parameter update-image1.php sql injection
Platform
php
Component
phpgurukul-online-shopping-portal-project
A vulnerability was found in PHPGurukul Online Shopping Portal Project 2.1. The impacted element is an unknown function of the file /admin/update-image1.php of the component Parameter Handler. The manipulation of the argument filename results in sql injection. The attack may be performed from remote. The exploit has been made public and could be used.
How to fix
Actualice el proyecto PHPGurukul Online Shopping Portal Project a una versión corregida. Verifique y sanee todas las entradas de usuario, especialmente el parámetro 'filename', para prevenir la inyección SQL. Implemente validación y escape adecuados en las consultas SQL.
Monitor your dependencies automatically
Get notified when new vulnerabilities affect your projects. Free forever.
Start free