PHPGurukul Student Record System session.php sql injection

June 30, 2025 invoker category_cve

CVE Details

Basic Information

Title PHPGurukul Student Record System session.php sql injection
Type cve
Published 2025-06-30T14:02:06.649Z
Last Seen

Product Information

Vendor PHPGurukul
Product Student Record System
Version 3.2

CVSS Information

Base Score 5.3 (MEDIUM)
Attack Vector CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
Confidentiality Impact
Integrity Impact
Availability Impact

AI Analysis

AI Description A SQL injection vulnerability in PHPGurukul Student Record System 3.2 allows remote attackers to inject SQL code via the session argument in session.php.
AI Severity Medium
Vendor PHPGurukul
Product Student Record System
Affected Version 3.2

Affected Products

  • PHPGurukul Student Record System 3.2

Additional Information

CVE List
CWE List CWE-89, CWE-74
Bulletin Family

Description

A vulnerability was found in PHPGurukul Student Record System 3.2. It has been classified as critical. This affects an unknown part of the file /session.php. The manipulation of the argument session leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.