CVE-2023-1964 Report - Details, Severity, & Advisories

Twingate Team

Apr 25, 2024

A critical vulnerability, CVE-2023-1964, has been discovered in PHPGurukul Bank Locker Management System 1.0, affecting an unknown function within the password reset component. The flaw is a SQL injection that can be exploited remotely, and it has been disclosed to the public. Systems running PHPGurukul Bank Locker Management System 1.0 are at risk; the vulnerability is rated 9.1 CRITICAL by NIST and 7.3 HIGH by VulDB.

How do I know if I'm affected?

If you're using PHPGurukul Bank Locker Management System 1.0, you may be affected. The vulnerability is in the password reset functionality, specifically the recovery.php file, and allows SQL injection through manipulation of the 'uname/mobile' argument. To determine whether you're affected, check whether your system is running this specific version of the software. No information about affected Apple product versions has been found.

What should I do if I'm affected?

If you're affected, it's crucial to take action. The sources do not provide specific mitigation steps. Apply patches or updates from the vendor if any are available; if no solution is provided, you may need to move to an alternative product without this vulnerability to keep your system secure.

Is CVE-2023-1964 in CISA’s Known Exploited Vulnerabilities Catalog?

CVE-2023-1964 is not listed in CISA's Known Exploited Vulnerabilities Catalog. This critical flaw, found in PHPGurukul Bank Locker Management System 1.0, affects the password reset function and allows SQL injection. No date added, due date, or required action is provided. It's essential to stay informed and take the necessary precautions to protect your system.

Weakness enumeration

The vulnerability is categorized as CWE-89, a SQL injection weakness, here located in the password reset function of PHPGurukul Bank Locker Management System 1.0. It impacts confidentiality, integrity, and availability.
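
The CWE-89 pattern and its standard remediation, shown as an added example that is not code from recovery.php or from PHPGurukul. Only the field names `uname` and `mobile` come from the advisory; the `users` table, its columns, the sample rows and the mobile-number format are assumptions, and an in-memory SQLite database stands in for the application's database.

```php
<?php
// Added illustration; not code from PHPGurukul's recovery.php.
// Assumed: the `users` table, its columns and the sample rows (all constructed).
// An in-memory SQLite database stands in for the application's database.

function make_demo_db(): PDO {
    $db = new PDO('sqlite::memory:');
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, uname TEXT, mobile TEXT)');
    $db->exec("INSERT INTO users (uname, mobile) VALUES ('alice', '5550100'), ('bob', '5550101')");
    return $db;
}

// CWE-89 pattern: request values become part of the SQL text itself.
function find_user_concatenated(PDO $db, string $uname, string $mobile): array {
    $sql = "SELECT id FROM users WHERE uname = '$uname' AND mobile = '$mobile'";
    return $db->query($sql)->fetchAll(PDO::FETCH_COLUMN);
}

// Hardened: allow-list the numeric field, then bind both values as parameters
// so the statement's structure is fixed before any input reaches the database.
function find_user_prepared(PDO $db, string $uname, string $mobile): array {
    if (!preg_match('/\A[0-9]{7,15}\z/', $mobile)) {   // assumed mobile format
        return [];
    }
    $stmt = $db->prepare('SELECT id FROM users WHERE uname = :uname AND mobile = :mobile');
    $stmt->execute([':uname' => $uname, ':mobile' => $mobile]);
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

$db = make_demo_db();
$uname = "o'neil";      // constructed input: an ordinary name containing a quote
$mobile = '5550100';

try {
    find_user_concatenated($db, $uname, $mobile);
    echo "concatenated: query ran\n";
} catch (PDOException $e) {
    // The quote ended the string literal early, so the input was parsed as SQL.
    echo "concatenated: input altered the statement (" . $e->getMessage() . ")\n";
}

// Bound parameters: the same input is compared as a plain value.
echo 'prepared, quoted name: ', count(find_user_prepared($db, $uname, $mobile)), " row(s)\n";
echo 'prepared, valid pair:  ', count(find_user_prepared($db, 'alice', '5550100')), " row(s)\n";
```

A database error on an ordinary quote character in a reset form is itself a useful signal when reviewing code or logs: it means request input is reaching the SQL parser as statement text.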

For more details

CVE-2023-1964 is a critical vulnerability in PHPGurukul Bank Locker Management System 1.0, with potential impacts on confidentiality, integrity, and availability. For a comprehensive analysis of this vulnerability, including technical details and affected software configurations, refer to the NVD page or the links below.
