CVE Details
Basic Information
| Title |
PHPGurukul Teacher Subject Allocation Management System edit-teacher-info.php sql injection |
| Type |
cve |
| Published |
2025-06-04T03:00:20.894Z |
| Last Seen |
|
Product Information
| Vendor |
PHPGurukul |
| Product |
Teacher Subject Allocation Management System |
| Version |
1.0 |
CVSS Information
| Base Score |
5.3 (MEDIUM) |
| Attack Vector |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N |
| Confidentiality Impact |
|
| Integrity Impact |
|
| Availability Impact |
|
AI Analysis
| AI Description |
A critical SQL injection vulnerability exists in PHPGurukul Teacher Subject Allocation Management System 1.0. Attackers can exploit this by manipulating the ‘editid’ parameter in the /admin/edit-teacher-info.php file, potentially compromising the system remotely. The exploit is publicly available and poses a significant risk. |
| AI Severity |
High |
| Vendor |
PHPGurukul |
| Product |
Teacher Subject Allocation Management System |
| Affected Version |
1.0 |
Additional Information
| CVE List |
|
| CWE List |
CWE-89, CWE-74 |
| Bulletin Family |
|
| Source Data |
PHPGurukul Teacher Subject Allocation Management System 1.0 |
Source Information
| Source Data |
PHPGurukul Teacher Subject Allocation Management System 1.0 |
| Source Link |
|
Description
A vulnerability, which was classified as critical, was found in PHPGurukul Teacher Subject Allocation Management System 1.0. This affects an unknown part of the file /admin/edit-teacher-info.php. The manipulation of the argument editid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
CVSS Score Summary
View Full CVE Details
