CVE Details
Basic Information
| Title | PHPGurukul Online Course Registration System news-details.php sql injection |
|---|---|
| Type | cve |
| Published | 2024-05-17T18:31:06.286Z |
| Modified | 2024-08-01T21:03:10.496Z |
Product Information
| Vendor | PHPGurukul |
|---|---|
| Product | Online Course Registration System |
| Version | 3.1 |
CVSS Information
| Base Score | 6.9 (MEDIUM) |
|---|---|
| Attack Vector | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N |
AI Analysis
| AI Description | A SQL injection vulnerability exists in PHPGurukul’s Online Course Registration System version 3.1. This allows remote attackers to inject SQL code via the ‘nid’ argument in news-details.php, potentially leading to unauthorized database access without authentication. |
|---|---|
| AI Severity | Medium |
| AI Vendor | PHPGurukul |
| AI Product | Online Course Registration System |
| AI Version | 3.1 |
Affected Products
- PHPGurukul Online Course Registration System 3.1
Additional Information
| CWE List | CWE-89 |
|---|---|
| Source | VulDB |
Description
A vulnerability was found in PHPGurukul Online Course Registration System 3.1. It has been rated as critical. This issue affects some unknown processing of the file news-details.php. The manipulation of the argument nid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-264923.