PHPGurukul Blood Donor Management System 1.0 does not properly restrict access to admin/dashboard.php, which allows attackers to access all data of users, delete the users, add and manage Blood Group, and Submit Report.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phpgurukul_blood_donor_management_system_project | phpgurukul_blood_donor_management_system | 1.0 |