CNNVD-202601-4547 Information

CNNVD ID

CNNVD-202601-4547

Related CVE

CVE-2020-36951

• CNNVD Published: 2026-01-27

Description (Chinese)

SGH是Geraked个人开发者的一个贷款资金管理PHP脚本。 SGH 0.1.0版本存在SQL注入漏洞，该漏洞源于对管理界面中id参数的操作不当，可能导致SQL注入攻击。

Description (English)

SSH is a loan fund management PHP script for Geraked personal developers. SSH version 0.1.0 has an injection loophole in SQL, which results from inappropriate operation of the id parameters in the management interface, which may lead to an attack on SQL injection.

Hazard Level

Medium

Vulnerability Type

SQL注入

Affected Vendor

个人开发者

Published

2026-01-27

Last Modified

2026-02-24

References

https://github.com/geraked/phpscript-sgh https://www.exploit-db.com/exploits/49192 https://www.vulncheck.com/advisories/phpscript-sgh-time-based-blind-sql-injection

Patch

https://github.com/geraked/phpscript-sgh/releases