Vulnerabilities > Phpgurukul > Teachers Record Management System

DATE CVE VULNERABILITY TITLE RISK
2021-07-01 CVE-2021-28423 SQL Injection vulnerability in PHPgurukul Teachers Record Management System 1.0
Multiple SQL Injection vulnerabilities in Teachers Record Management System 1.0 allow remote authenticated users to execute arbitrary SQL commands via the 'editid' GET parameter in edit-subjects-detail.php, edit-teacher-detail.php, or the 'searchdata' POST parameter in search.php.
network
low complexity
phpgurukul CWE-89
8.8
8.8
2021-07-01 CVE-2021-28424 Cross-site Scripting vulnerability in PHPgurukul Teachers Record Management System 1.0
A stored cross-site scripting (XSS) vulnerability in Teachers Record Management System 1.0 allows remote authenticated users to inject arbitrary web script or HTML via the 'email' POST parameter in adminprofile.php.
network
low complexity
phpgurukul CWE-79
5.4
5.4
2021-02-15 CVE-2021-26822 SQL Injection vulnerability in PHPgurukul Teachers Record Management System 1.0
Teachers Record Management System 1.0 is affected by a SQL injection vulnerability in 'searchteacher' POST parameter in search-teacher.php.
network
low complexity
phpgurukul CWE-89
critical
 9.8
9.8