CVE Details
Basic Information
| Title | PHPGurukul Student Record System register.php sql injection |
|---|---|
| Type | cve |
| Published | 2025-06-30T16:32:07.016Z |
| Last Seen |
Product Information
| Vendor | PHPGurukul |
|---|---|
| Product | Student Record System |
| Version | 3.2 |
CVSS Information
| Base Score | 5.3 (MEDIUM) |
|---|---|
| Attack Vector | CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P |
| Confidentiality Impact | |
| Integrity Impact | |
| Availability Impact |
AI Analysis
| AI Description | A critical SQL injection vulnerability exists in PHPGurukul Student Record System 3.2, allowing remote attackers to inject SQL code via the session argument in register.php. This could lead to unauthorized data access and manipulation. |
|---|---|
| AI Severity | Medium |
| Vendor | PHPGurukul |
| Product | Student Record System |
| Affected Version | 3.2 |
Affected Products
- PHPGurukul Student Record System 3.2
Additional Information
| CVE List | |
|---|---|
| CWE List | CWE-89, CWE-74 |
| Bulletin Family |
References
Description
A vulnerability, which was classified as critical, has been found in PHPGurukul Student Record System 3.2. Affected by this issue is some unknown functionality of the file /register.php. The manipulation of the argument session leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.