Submit #613168: PHPGurukul Student Result Management System V2.0 SQL Injectioninfo

TitelPHPGurukul Student Result Management System V2.0 SQL Injection
BeschreibungA critical unauthenticated SQL Injection vulnerability exists in Student Result Management System v2.0 by PHPGurukul. The vulnerable file `notice-details.php` uses the `nid` GET parameter in an unsanitized SQL query, which allows attackers to inject arbitrary SQL via both time-based and UNION-based injection methods. This can lead to full database compromise, including extraction of administrator credentials.
Quelle⚠️ https://github.com/4m3rr0r/Student-Result-Management-System/
Benutzer
 4m3rr0r (UID 85795)
Einreichung09.07.2025 23:25 (vor 11 Monaten)
Moderieren12.07.2025 13:32 (3 days later)
StatusAkzeptiert
VulDB Eintrag316230 [PHPGurukul Student Result Management System 2.0 GET Parameter /notice-details.php nid SQL Injection]
Punkte20

ZurückÜbersichtWeiter

Do you know our Splunk app?

Download it now for free!