Vulnerabilities > Phpgurukul > Teachers Record Management System > 1.0

DATE	CVE	VULNERABILITY TITLE	RISK
2021-07-01	CVE-2021-28423	SQL Injection vulnerability in PHPgurukul Teachers Record Management System 1.0 Multiple SQL Injection vulnerabilities in Teachers Record Management System 1.0 allow remote authenticated users to execute arbitrary SQL commands via the 'editid' GET parameter in edit-subjects-detail.php, edit-teacher-detail.php, or the 'searchdata' POST parameter in search.php. network low complexity phpgurukul CWE-89	8.8
2021-07-01	CVE-2021-28424	Cross-site Scripting vulnerability in PHPgurukul Teachers Record Management System 1.0 A stored cross-site scripting (XSS) vulnerability in Teachers Record Management System 1.0 allows remote authenticated users to inject arbitrary web script or HTML via the 'email' POST parameter in adminprofile.php. network low complexity phpgurukul CWE-79	5.4
2021-02-15	CVE-2021-26822	SQL Injection vulnerability in PHPgurukul Teachers Record Management System 1.0 Teachers Record Management System 1.0 is affected by a SQL injection vulnerability in 'searchteacher' POST parameter in search-teacher.php. network low complexity phpgurukul CWE-89 critical	9.8

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.