Vulnerabilities > Phpgurukul > Student Result Management System > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-12-21 CVE-2023-48722 SQL Injection vulnerability in PHPgurukul Student Result Management System 1.0
Student Result Management System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'class_name' parameter of the add_results.php resource does not validate the characters received and they are sent unfiltered to the database.
network
low complexity
phpgurukul CWE-89
critical
 9.8
9.8
2023-12-21 CVE-2023-48720 SQL Injection vulnerability in PHPgurukul Student Result Management System 1.0
Student Result Management System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'password' parameter of the login.php resource does not validate the characters received and they are sent unfiltered to the database.
network
low complexity
phpgurukul CWE-89
critical
 9.8
9.8
2023-12-21 CVE-2023-48718 SQL Injection vulnerability in PHPgurukul Student Result Management System 1.0
Student Result Management System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'class_name' parameter of the add_students.php resource does not validate the characters received and they are sent unfiltered to the database.
network
low complexity
phpgurukul CWE-89
critical
 9.8
9.8