CVE-2024-35511 PoC — PHPGurukul Men Salon Management System 安全漏洞

Source

https://github.com/efekaanakkar/CVE-2024-35511

Associated Vulnerability

Title:PHPGurukul Men Salon Management System 安全漏洞 (CVE-2024-35511)
Description:PHPGurukul Men Salon Management System是美国PHPGurukul公司的一个男士沙龙管理系统。 PHPGurukul Men Salon Management System v2.0版本存在安全漏洞。攻击者利用该漏洞通过 /msms/admin/index.php 的“username”参数进行 SQL 注入攻击。

Description

Men Salon Management System Using PHP and MySQL

Readme

# PHPGurukul Men Salon Management System 2.0
+ Welcome to the PHPGurukul Men Salon Management System 2.0 repository. This project aims to provide a robust system for Men Salon Management.
## Security Vulnerabilities
### CVE-2024-35511
+ Description: Vulnerable to SQL Injection via 'username' parameter.
+ Affected Version: 2.0
+ Impact: Attackers can manipulate the 'username' parameter, potentially gaining unauthorized access.
+ Solution: Implement proper input validation and utilize parameterized queries

File Snapshot


 [4.0K]  /data/pocs/fb41a011608fa83d5992f87cd12feeedd18da63d
├── [2.0K]  Men Salon Management System Using PHP and MySQL.md
└── [ 510]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!