Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
8.8
CVE-2021-47956: EgavilanMedia PHPCRUD 1.0 SQL Injection Risk
CVE-2021-47956
Summary
EgavilanMedia PHPCRUD 1.0 is at risk of unauthorized database access. Attackers can inject malicious code into the database by sending specific requests, potentially exposing sensitive information. Update to a fixed version or apply security patches to mitigate this risk.
Original title
EgavilanMedia PHPCRUD 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the firstname parameter. Attacke...
Original description
EgavilanMedia PHPCRUD 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the firstname parameter. Attackers can send POST requests to insert.php with malicious firstname values to extract sensitive database information.
nvd CVSS3.1
8.2
nvd CVSS4.0
8.8
Vulnerability type
CWE-89
SQL Injection
Published: 16 May 2026 · Updated: 28 May 2026 · First seen: 16 May 2026