Vulnerability Details CVE-2021-26764
SQL injection vulnerability in PHPGurukul Student Record System v 4.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to edit-std.php.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.031
EPSS Ranking 86.2%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 6.5
References
- https://github.com/BigTiger2020/Student-Record-System-/blob/main/README.md
- https://packetstormsecurity.com/files/161237/Student-Record-System-4.0-SQL-Injection.html
- https://phpgurukul.com/
- https://phpgurukul.com/wp-content/uploads/2019/05/schoolmanagement.zip
- https://github.com/BigTiger2020/Student-Record-System-/blob/main/README.md
- https://packetstormsecurity.com/files/161237/Student-Record-System-4.0-SQL-Injection.html
- https://phpgurukul.com/
- https://phpgurukul.com/wp-content/uploads/2019/05/schoolmanagement.zip
Products affected by CVE-2021-26764
-
cpe:2.3:a:phpgurukul:student_record_system:4.0