CVE-2024-55099 Information

Description

A SQL Injection vulnerability was found in /admin/index.php in phpgurukul Online Nurse Hiring System v1.0 which allows remote attackers to execute arbitrary SQL commands to get unauthorized database access via the username parameter.

Reference

https://github.com/achchhelalchauhan/phpgurukul/blob/main/SQL%20injection%20ONHP-username.pdf