CVE-2024-51063
CriticalCVSS 9.1Exploitation Probability (EPSS)
Low risk39th percentile - higher than 39% of all known CVEs
Summary
Phpgurukul Teachers Record Management System v2.1 is vulnerable to SQL injection in add-teacher.php via the mobile number or email parameter. An attacker can manipulate these parameters to execute unauthorized database queries.
Risk Assessment
The risk includes potential leakage of sensitive teacher data, modification or deletion of database records, and possible privilege escalation within the system.
Recommendation
Immediately update the system to the latest version or apply a security patch. Additionally, implement input validation and parameterized SQL queries for all input parameters.
Original NVD description (English source)
Phpgurukul Teachers Record Management System v2.1 is vulnerable to SQL Injection in add-teacher.php via the mobile number or email parameter.

