CVE Catalog

CVE-2024-51064

CriticalCVSS 9.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.54%

42th percentile - higher than 42% of all known CVEs

Summary

Phpgurukul Teachers Record Management System v2.1 is vulnerable to SQL Injection via the 'tid' parameter in admin/queries.php. An attacker can exploit this flaw to execute arbitrary SQL queries on the database.

Risk Assessment

The risk includes unauthorized access to sensitive teacher data, modification or deletion of records, and potential full system compromise.

Recommendation

Immediately update the system to the latest version or apply a security patch. Additionally, validate and sanitize all input parameters, especially 'tid'.

Original NVD description (English source)

Phpgurukul Teachers Record Management System v2.1 is vulnerable to SQL Injection via the tid parameter to admin/queries.php.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS