PT-2025-46969

Name of the Vulnerable Software and Affected Versions PHPGurukul Student Record System version 3.2.0 Description The software contains a SQL Injection flaw through the sub1, sub2, sub3, sub4, and course-short parameters in the 'add-subject.php' file. This allows for potential unauthorized databas...

Student Record System add-subject.php File SQL Injection Vulnerability

Student Record System is a software application. Student Record System suffers from a SQL injection vulnerability that originates from the lack of validation of externally-entered SQL statements in parameter sub1 in file /add-subject.php. An attacker can exploit this vulnerability to execute...

CVE-2025-4108

A vulnerability, which was classified as critical, was found in PHPGurukul Student Record System 3.20. Affected is an unknown function of the file /add-subject.php. The manipulation of the argument sub1 leads to sql injection. It is possible to launch the attack remotely. The exploit has been...

Student Record System edit-subject.php file SQL Injection Vulnerability

Student Record System is a software application. Student Record System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameters sub1/sub2/sub3/sub4/udate in the file /edit-subject.php. An attacker can exploit thi...