CVE Details
Basic Information
| Title | PHPGurukul Pre-School Enrollment System enrollment.php sql injection |
|---|---|
| Type | cve |
| Published | 2025-06-20T09:00:19.240Z |
| Last Seen |
Product Information
| Vendor | PHPGurukul |
|---|---|
| Product | Pre-School Enrollment System |
| Version | 1.0 |
CVSS Information
| Base Score | 6.9 (MEDIUM) |
|---|---|
| Attack Vector | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P |
| Confidentiality Impact | |
| Integrity Impact | |
| Availability Impact |
AI Analysis
| AI Description | A SQL injection vulnerability exists in the enrollment.php file of PHPGurukul Pre-School Enrollment System 1.0, specifically affecting the fathername parameter. This allows remote attackers to inject malicious SQL code, potentially leading to unauthorized data access or modification. |
|---|---|
| AI Severity | High |
| Vendor | PHPGurukul |
| Product | Pre-School Enrollment System |
| Affected Version | 1.0 |
Affected Products
- PHPGurukul Pre-School Enrollment System 1.0
Additional Information
| CVE List | |
|---|---|
| CWE List | CWE-89, CWE-74 |
| Bulletin Family |
References
Description
A vulnerability was found in PHPGurukul Pre-School Enrollment System 1.0. It has been classified as critical. This affects an unknown part of the file /enrollment.php. The manipulation of the argument fathername leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.