Product
EgavilanMedia PHPCRUD 1.0 is vulnerable to SQL injection (CVE-2021-47956), allowing unauthenticated attackers to manipulate database queries by injecting SQL code through the firstname parameter in a POST request to insert.php, potentially extracting sensitive database information.