PatchSiren

Egavilanmedia CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

HIGH Egavilanmedia CVE published 2026-05-16

CVE-2021-47956

CVE-2021-47956 describes an unauthenticated SQL injection in EgavilanMedia PHPCRUD 1.0. The issue affects database queries reached through the firstname parameter in a POST request to insert.php, allowing attackers to manipulate SQL and potentially extract sensitive database information.