| Title | PHPGurukul Student Record System 3.20 SQL Injection |
|---|
| Description | Student Record Managment System 3.20 allows SQL Injection via the 'sub1', 'sub2' , 'sub3', 'sub4' and 'udate' parameters in "http://localhost/studentrecordms/edit-subject.php". Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit the latest vulnerabilities in the underlying database. |
|---|
| Source | ⚠️ https://github.com/BurakSevben/CVEs/blob/main/Student%20Record%20System%203.20/Student%20Record%20System%20-%20SQL%20Injection%20-%204.md |
|---|
| User | Burak (UID 65788) |
|---|
| Submission | 04/14/2024 16:32 (2 years ago) |
|---|
| Moderation | 04/14/2024 21:50 (5 hours later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 260618 [PHPGurukul Student Record System 3.20 /edit-subject.php sub1/sub2/sub3/sub4/udate sql injection] |
|---|
| Points | 18 |
|---|