CVE Details
Basic Information
| Title | PHPGurukul Student Result Management System GET Parameter notice-details.php sql injection |
|---|---|
| Type | cve |
| Published | 2025-07-13T17:02:07.051Z |
| Modified | 2025-07-13T17:02:07.051Z |
Product Information
| Vendor | PHPGurukul |
|---|---|
| Product | Student Result Management System |
| Version | 2.0 |
CVSS Information
| Base Score | 6.9 (MEDIUM) |
|---|---|
| Attack Vector | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P |
AI Analysis
| AI Description | A SQL injection vulnerability exists in PHPGurukul Student Result Management System version 2.0. This vulnerability affects the GET Parameter Handler in notice-details.php, specifically the ‘nid’ argument, allowing remote attacks. The exploit is publicly disclosed, posing a significant risk. |
|---|---|
| AI Severity | High |
| AI Vendor | PHPGurukul |
| AI Product | Student Result Management System |
| AI Version | 2.0 |
Affected Products
- PHPGurukul Student Result Management System 2.0
Additional Information
| CWE List | CWE-89, CWE-74 |
|---|---|
| Source | VulDB |
Description
A vulnerability was found in PHPGurukul Student Result Management System 2.0. It has been classified as critical. Affected is an unknown function of the file /notice-details.php of the component GET Parameter Handler. The manipulation of the argument nid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.