CVE-2024-3691 – PHPGurukul Small CRM Registration Page sql injection
https://notcve.org/view.php?id=CVE-2024-3691
A vulnerability, which was classified as critical, has been found in PHPGurukul Small CRM 3.0. Affected by this issue is some unknown functionality of the component Registration Page. The manipulation leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/nikhil-aniill/Small-CRM-CVE https://vuldb.com/?ctiid.260480 https://vuldb.com/?id.260480 https://vuldb.com/?submit.312975 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2024-3690 – PHPGurukul Small CRM Change Password sql injection
https://notcve.org/view.php?id=CVE-2024-3690
A vulnerability classified as critical was found in PHPGurukul Small CRM 3.0. Affected by this vulnerability is an unknown functionality of the component Change Password Handler. The manipulation leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/psudo-bugboy/CVE-2024 https://vuldb.com/?ctiid.260479 https://vuldb.com/?id.260479 https://vuldb.com/?submit.312974 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •