CVE Catalog

CVE-2024-51063

CriticalCVSS 9.1
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.49%

39th percentile - higher than 39% of all known CVEs

Summary

Phpgurukul Teachers Record Management System v2.1 is vulnerable to SQL injection in add-teacher.php via the mobile number or email parameter. An attacker can manipulate these parameters to execute unauthorized database queries.

Risk Assessment

The risk includes potential leakage of sensitive teacher data, modification or deletion of database records, and possible privilege escalation within the system.

Recommendation

Immediately update the system to the latest version or apply a security patch. Additionally, implement input validation and parameterized SQL queries for all input parameters.

Original NVD description (English source)

Phpgurukul Teachers Record Management System v2.1 is vulnerable to SQL Injection in add-teacher.php via the mobile number or email parameter.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS