{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/vendors/egavilanmedia/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[{"cvss":8.2,"id":"CVE-2021-47956"}],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["PHPCRUD"],"_cs_severities":["high"],"_cs_tags":["sql-injection","web-application","cve-2021-47956"],"_cs_type":"advisory","_cs_vendors":["EgavilanMedia"],"content_html":"\u003cp\u003eEgavilanMedia PHPCRUD version 1.0 is susceptible to SQL injection, tracked as CVE-2021-47956. The \u003ccode\u003efirstname\u003c/code\u003e parameter of a POST request to the \u003ccode\u003einsert.php\u003c/code\u003e endpoint is placed into a database query without sanitization or parameterization, so an unauthenticated attacker can change the query the application executes and use it to read data from the application\u0026rsquo;s database. Exploitation requires no credentials and nothing more than a crafted HTTP request, which makes the flaw easy to exploit and the stored data easy to compromise.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAttacker identifies a PHPCRUD 1.0 instance.\u003c/li\u003e\n\u003cli\u003eAttacker crafts an SQL injection payload for the \u003ccode\u003efirstname\u003c/code\u003e field.\u003c/li\u003e\n\u003cli\u003eAttacker sends an HTTP POST request to \u003ccode\u003e/insert.php\u003c/code\u003e with the payload in the \u003ccode\u003efirstname\u003c/code\u003e parameter.\u003c/li\u003e\n\u003cli\u003eThe application\u0026rsquo;s \u003ccode\u003einsert.php\u003c/code\u003e script reads the parameter without validation or escaping and concatenates it into an SQL statement.\u003c/li\u003e\n\u003cli\u003eThe database executes the attacker-controlled statement.\u003c/li\u003e\n\u003cli\u003eThe attacker extracts sensitive data from the database.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation allows an attacker to read, modify, or delete information in the PHPCRUD 1.0 database, which may include user credentials, personal data, or other confidential application data. The CVSS v3.1 base score of 8.2 places the issue in the High severity band.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eApply any patch or updated release EgavilanMedia provides for CVE-2021-47956. Until a fixed version is deployed, restrict network access to the affected instance, since \u003ccode\u003einsert.php\u003c/code\u003e is reachable without authentication.\u003c/li\u003e\n\u003cli\u003eRewrite the database access in \u003ccode\u003einsert.php\u003c/code\u003e, and in any other script that builds queries from request data, to use parameterized queries or prepared statements so that the \u003ccode\u003efirstname\u003c/code\u003e value is bound as a parameter rather than concatenated into the SQL string. This is the actual fix; input filtering on its own does not reliably stop SQL injection.\u003c/li\u003e\n\u003cli\u003eValidate all user input, especially values received via HTTP POST, as a second layer of defense, for example by enforcing an expected character set and a length limit on name fields.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule \u0026ldquo;Detect CVE-2021-47956 Exploitation — PHPCRUD SQL Injection\u0026rdquo; to identify exploitation attempts against the \u003ccode\u003einsert.php\u003c/code\u003e endpoint. Matching on the injected parameter requires a log source that records POST bodies, such as a WAF or reverse proxy, because a default web-server access log records the request line but not the body.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-05-16T16:20:23Z","date_published":"2026-05-16T16:20:23Z","id":"https://feed.craftedsignal.io/briefs/2026-05-cve-2021-47956-phpcrud-sqli/","summary":"EgavilanMedia PHPCRUD 1.0 is vulnerable to SQL injection (CVE-2021-47956), allowing unauthenticated attackers to manipulate database queries by injecting SQL code through the firstname parameter in a POST request to insert.php, potentially extracting sensitive database information.","title":"EgavilanMedia PHPCRUD 1.0 SQL Injection Vulnerability (CVE-2021-47956)","url":"https://feed.craftedsignal.io/briefs/2026-05-cve-2021-47956-phpcrud-sqli/"}],"language":"en","title":"CraftedSignal Threat Feed — EgavilanMedia","version":"https://jsonfeed.org/version/1.1"}
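As an added example (not code from PHPCRUD or EgavilanMedia, and not the advisory's own), the PHP script below reconstructs the pattern behind the attack chain and the prepared-statement fix from the recommendations: an insert handler that concatenates the `firstname` request value into an INSERT statement, beside the same handler with bound parameters. The table and column names (`crud`, `firstname`, `lastname`, an `admin` table with a `password` column) and the payload are assumptions made for the demonstration, and the real handler would take its arguments from `$_POST['firstname']` and `$_POST['lastname']`. It uses an in-memory SQLite database through PDO so it runs without the application.

```php
<?php
// Added example, not PHPCRUD's own code. Schema, table and column names
// and the payload are assumptions chosen for the demonstration.
// Requires the pdo_sqlite extension:  php insert_demo.php

function makeDb(): PDO {
    $db = new PDO('sqlite::memory:');
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    // Constructed schema: the CRUD table the form writes to, plus a table
    // holding a value the insert form should never be able to reveal.
    $db->exec('CREATE TABLE crud (id INTEGER PRIMARY KEY, firstname TEXT, lastname TEXT)');
    $db->exec('CREATE TABLE admin (id INTEGER PRIMARY KEY, password TEXT)');
    $db->exec("INSERT INTO admin (password) VALUES ('s3cr3t-hash')");
    return $db;
}

// Vulnerable pattern: request values are spliced straight into the SQL
// text, so a single quote in firstname terminates the string literal and
// everything after it is parsed as SQL.
function insertVulnerable(PDO $db, string $firstname, string $lastname): void {
    $sql = "INSERT INTO crud (firstname, lastname) VALUES ('$firstname', '$lastname')";
    $db->exec($sql);
}

// Hardened pattern: the same INSERT with named placeholders. The values are
// sent to the driver separately from the statement text, so their content
// can never alter the structure of the query.
function insertSafe(PDO $db, string $firstname, string $lastname): void {
    $stmt = $db->prepare('INSERT INTO crud (firstname, lastname) VALUES (:firstname, :lastname)');
    $stmt->execute([':firstname' => $firstname, ':lastname' => $lastname]);
}

// What a CRUD listing page would render after the insert.
function listRows(PDO $db): array {
    return $db->query('SELECT firstname, lastname FROM crud ORDER BY id')
              ->fetchAll(PDO::FETCH_ASSOC);
}

// Constructed payload for the firstname field. Inside the vulnerable
// statement it closes the firstname literal, supplies a scalar subquery
// as the lastname value, closes the VALUES list, and comments out the
// rest of the original statement with "--". The admin password is thus
// written into a row that the listing shows to anyone.
$payload = "x', (SELECT password FROM admin LIMIT 1))-- ";

$db = makeDb();
insertVulnerable($db, $payload, 'ignored');
echo "vulnerable: " . json_encode(listRows($db)) . PHP_EOL;

$db = makeDb();
insertSafe($db, $payload, 'ignored');
echo "safe: " . json_encode(listRows($db)) . PHP_EOL;
```

With the concatenated query the new row's `lastname` holds the admin password, because the statement that actually ran was `INSERT INTO crud (firstname, lastname) VALUES ('x', (SELECT password FROM admin LIMIT 1))` with the rest commented out; with the prepared statement the whole payload is stored verbatim as a `firstname` and the `admin` table is never touched. Writing a secret into a row the application later displays is one way an injection into an INSERT leaks data even though the endpoint itself returns no query results, which is why the fix is binding the parameter rather than filtering characters out of it.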