Vehicle Parking Management System
CVE-2020-23936
CRITICAL
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
PHPGurukul Vehicle Parking Management System 1.0 is vulnerable to Authentication Bypass via "Username: admin'
&& Password: (Write Something)".
AnalysisAI
PHPGurukul Vehicle Parking Management System 1.0 is vulnerable to Authentication Bypass via "Username: admin'
&& Password: (Write Something)". Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified as SQL Injection (CWE-89), which allows attackers to execute arbitrary SQL commands against the database. PHPGurukul Vehicle Parking Management System 1.0 is vulnerable to Authentication Bypass via "Username: admin'
&& Password: (Write Something)". Affected products include: Phpgurukul Vehicle Parking Management System.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Use parameterized queries/prepared statements. Never concatenate user input into SQL. Apply least-privilege database permissions.
PHPGURUKUL Vehicle Parking Management System v1.13 is vulnerable to SQL injection in the /vpms/users/login.php file. Rat
A vulnerability was found in PHPGurukul Vehicle Parking Management System 1.13. Rated medium severity (CVSS 6.9), this v
A vulnerability has been found in PHPGurukul Vehicle Parking Management System 1.13 and classified as critical. Rated me
A vulnerability, which was classified as critical, was found in PHPGurukul Vehicle Parking Management System 1.13. Rated
A vulnerability was found in PHPGurukul Vehicle Parking Management System 1.13 and classified as critical. Rated medium
An SQL Injection vulnerability exists in https://phpgurukul.com Vehicle Parking Management System affected version 1.0.
A stored cross-site scripting (XSS) vulnerability was identified in PHPGURUKUL Vehicle Parking Management System v1.13 i
A SQL injection vulnerability was found in PHPGURUKUL Vehicle Parking Management System v1.13 in /users/view-detail.php.
A Stored Cross Site Scripting (XSS) vunerability exists in Sourcecodeste Vehicle Parking Management System affected vers
A persistent cross site scripting (XSS) vulnerability in the Add Categories module of Vehicle Parking Management System
A vulnerability classified as critical was found in code-projects Vehicle Parking Management System 1.0. Rated medium se
Same weakness CWE-89 – SQL Injection
View allShare
External POC / Exploit Code
Leaving vuln.today