CVE-2020-35427SQL Injection in Employee Record Management System

CWE-89SQL Injection3 documents3 sources
Severity
9.8CRITICALNVD
EPSS
1.1%
top 21.74%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Phpgurukul Employee Record Management System
Timeline
PublishedJul 20
Latest updateMay 24

Description

SQL injection vulnerability in PHPGurukul Employee Record Management System 1.1 allows remote attackers to execute arbitrary SQL commands and bypass authentication.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-3562-xr8f-cfw7: SQL injection vulnerability in PHPGurukul Employee Record Management System 12022-05-24
CVEList
CVE-2020-35427: SQL injection vulnerability in PHPGurukul Employee Record Management System 12021-07-20
CVE-2020-35427 — SQL Injection | cvebase