cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-3771,https://securityvulnerability.io/vulnerability/CVE-2024-3771,SQL Injection Vulnerability in PHPGurukul Student Record System,"A critical security flaw has been identified in PHPGurukul's Student Record System 3.20, specifically within the /edit-subject.php file. This vulnerability enables an attacker to exploit the application through a SQL injection that manipulates input arguments such as sub1, sub2, sub3, and udate. The exploitation can be initiated remotely, allowing unauthorized access to sensitive data stored within the database. As this vulnerability has been publicly disclosed, it is essential for users and administrators to implement immediate mitigations to safeguard their systems from potential attacks.",PHPgurukul,Student Record System,6.3,MEDIUM,0.00044999999227002263,false,,false,false,true,2024-04-15T04:31:05.000Z,true,false,false,,2024-04-15T05:31:05.322Z,0
CVE-2024-3770,https://securityvulnerability.io/vulnerability/CVE-2024-3770,SQL Injection Vulnerability in PHPGurukul Student Record System,"A critical vulnerability has been identified in the PHPGurukul Student Record System 3.20 that allows for SQL injection through the manipulation of input parameters in the /manage-courses.php script. This security issue can be exploited remotely, posing a significant risk to the integrity of the database and sensitive student records. Attackers can take advantage of this flaw to execute arbitrary SQL commands, leading to unauthorized data access and potential data breaches. It is crucial for users of this system to assess their security posture and implement necessary patches or mitigations to prevent exploitation.",PHPgurukul,Student Record System,6.3,MEDIUM,0.00044999999227002263,false,,false,false,true,2024-04-15T04:00:06.000Z,true,false,false,,2024-04-15T05:00:06.903Z,0
CVE-2024-3769,https://securityvulnerability.io/vulnerability/CVE-2024-3769,SQL Injection Vulnerability in PHPGurukul Student Record System,"A serious SQL injection vulnerability has been identified in the PHPGurukul Student Record System, specifically in the /login.php file of version 3.20. This vulnerability allows an attacker to manipulate the 'id' and 'password' parameters in a way that can compromise the application's security. The impact of this flaw could be substantial, enabling remote attackers to execute arbitrary SQL queries against the database, potentially leading to data exposure or unauthorized access. Given that the exploit has been made public, it is crucial for users of the affected version to take immediate action to secure their systems. For more information, refer to VDB-260616 for detailed technical insights and mitigation strategies.",PHPgurukul,Student Record System,7.3,HIGH,0.00044999999227002263,false,,false,false,true,2024-04-15T03:00:05.000Z,true,false,false,,2024-04-15T04:00:05.316Z,0
CVE-2021-26764,https://securityvulnerability.io/vulnerability/CVE-2021-26764,SQL Injection Flaw in PHPGurukul Student Record System,"A SQL injection vulnerability exists in PHPGurukul's Student Record System version 4.0, which allows remote attackers to manipulate and execute arbitrary SQL statements through the 'id' parameter in edit-std.php. This security flaw can be exploited to compromise the underlying database, potentially exposing sensitive information and affecting the integrity of the application.",PHPgurukul,Student Record System,8.8,HIGH,0.023660000413656235,false,,false,false,false,,,false,false,,2021-07-22T15:56:33.000Z,0
CVE-2021-26762,https://securityvulnerability.io/vulnerability/CVE-2021-26762,SQL Injection Vulnerability in PHPGurukul Student Record System,"The PHPGurukul Student Record System version 4.0 is impacted by a SQL injection vulnerability that allows remote attackers to execute arbitrary SQL statements. This can occur through the 'cid' parameter in the 'edit-course.php' script, potentially leading to unauthorized access and manipulation of sensitive data within the system.",PHPgurukul,Student Record System,8.8,HIGH,0.050280001014471054,false,,false,false,false,,,false,false,,2021-07-22T15:43:51.000Z,0
CVE-2021-26765,https://securityvulnerability.io/vulnerability/CVE-2021-26765,SQL Injection Vulnerability in PHPGurukul Student Record System by PHPGurukul,"The PHPGurukul Student Record System version 4.0 contains a SQL injection vulnerability that enables remote attackers to execute arbitrary SQL statements through manipulation of the 'sid' parameter within the edit-sub.php script. This security flaw exposes the application to potential data breaches and unauthorized access, making it crucial for users and administrators to apply patches and updates to mitigate the risks associated with such vulnerabilities.",PHPgurukul,Student Record System,9.8,CRITICAL,0.03714999929070473,false,,false,false,false,,,false,false,,2021-07-22T15:33:26.000Z,0