Student Record System change-password.php File SQL Injection Vulnerability

Student Record System is a software application. Student Record System suffers from a SQL injection vulnerability that stems from a lack of validation of the currentpassword parameter in change-password.php against an externally entered SQL statement. An attacker can exploit this vulnerability to...

CVE-2024-44633

PHPGurukul Student Record System 3.20 is vulnerable to SQL Injection via the currentpassword parameter in change-password.php...

CVE-2024-44633

PHPGurukul Student Record System 3.20 is vulnerable to SQL Injection via the currentpassword parameter in change-password.php...

CVE-2024-44633

PHPGurukul Student Record System 3.20 is vulnerable to SQL Injection via the currentpassword parameter in change-password.php...

CVE-2024-44633

PHPGurukul Student Record System 3.20 is vulnerable to SQL Injection via the currentpassword parameter in change-password.php. Root cause: insufficient input validation leading to unauthorized SQL execution. Impact: potential exposure of database data (CVE-2024-44633 baseline severity MEDIUM, CVS...

PT-2025-46960

Name of the Vulnerable Software and Affected Versions PHPGurukul Student Record System version 3.20 Description The PHPGurukul Student Record System is affected by a SQL Injection issue. This issue occurs via the currentpassword parameter in the 'change-password.php' file. Exploitation of this...

EUVD-2024-55083

PHPGurukul Student Record System 3.20 is vulnerable to SQL Injection via the currentpassword parameter in change-password.php...

The vulnerability of the changepassword.php (/admin/changepassword.php) script of the Employee Management System allows a perpetrator to execute arbitrary code.

The vulnerability of the changepassword.php /admin/changepassword.php script of the Employee Management System is related to the failure to remove special elements during the processing of the currentpassword parameter. Exploiting this vulnerability allows an attacker operating remotely to execut...

CVE-2023-44828

D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the CurrentPassword parameter in the CheckPasswdSettings function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted input...

Employee Record Management System changepassword.php File SQL Injection Vulnerability

Employee Record Management System is an employee record management system. Employee Record Management System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the parameter currentpassword in the file changepassword.php. An...

Student Record System change-password.php File SQL Injection Vulnerability

Student Record System is a software application. Student Record System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter currentpassword in the file /change-password.php. An attacker can exploit this...

CVE-2025-4164

A vulnerability, which was classified as critical, was found in PHPGurukul Employee Record Management System 1.3. Affected is an unknown function of the file changepassword.php. The manipulation of the argument currentpassword leads to sql injection. It is possible to launch the attack remotely...

PHPGurukul Employee Record Management System 注入漏洞

Employee Record Management System is an employee record management system. Employee Record Management System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the parameter currentpassword in the file changepassword.php. An...

PHPGurukul Student Record System 安全漏洞

Student Record System is a software application. Student Record System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter currentpassword in the file /change-password.php. An attacker can exploit this...

CVE-2025-28011

A SQL Injection was found in loginsystem/change-password.php in PHPGurukul User Registration & Login and User Management System v3.3 allows remote attackers to execute arbitrary code via the currentpassword POST request parameter...

CVE-2025-28011

CVE-2025-28011 affects PHPGurukul’s User Registration & Login and User Management System v3.3. The vulnerability is in loginsystem/change-password.php where the currentpassword POST parameter is mishandled, enabling a SQL injection that can allow remote attackers to execute arbitrary code. The do...

The vulnerability of the CheckPasswdSettings() function in D-Link DIR-823G router software allows a hacker to cause a service failure.

The vulnerability of the CheckPasswdSettings function in D-Link DIR-823G router microprogramming software is related to the operation of writing data outside of the buffer in memory when processing the CurrentPassword parameter. Exploiting this vulnerability could allow a malicious actor to cause...

CVE-2023-44828

D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the CurrentPassword parameter in the CheckPasswdSettings function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted input...

D-Link DIR-823G 安全漏洞

The D-Link DIR-823G is a wireless router from China's AUO D-Link. A buffer overflow vulnerability exists in the D-Link DIR-823G A1V1.0.2B05 version, which stems from the CurrentPassword parameter of the CheckPasswdSettings method failing to correctly validate the length size of the input data,...

PT-2023-5728 · D Link · D-Link Dir-823G

Name of the Vulnerable Software and Affected Versions: D-Link DIR-823G version A1V1.0.2B05 Description: The issue is related to a buffer overflow in the CheckPasswdSettings function when handling the CurrentPassword parameter. This can be exploited by a remote attacker to cause a Denial of Servic...