CVE-2024-51102 — SQL Injection in Student Management System

CWE-89 — SQL Injection3 documents3 sources

Severity

4.4MEDIUMNVD

EPSS

0.1%

top 72.23%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Phpgurukul Student Management System

Timeline

PublishedMay 23

Description

PHPGURUKUL Student Management System using PHP and MySQL v1 was discovered to contain multiple SQL injection vulnerabilities at /studentrecordms/login.php via the username and password parameters.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:NExploitability: 1.8 | Impact: 2.5

Affected Packages1 packages

▶NVDphpgurukul/student_management_system1.0

🔴Vulnerability Details

CVEList

CVE-2024-51102: PHPGURUKUL Student Management System using PHP and MySQL v1 was discovered to contain multiple SQL injection vulnerabilities at /studentrecordms/login↗2025-05-23

▶

GHSA

GHSA-rfmc-2hwr-mm4p: PHPGURUKUL Student Management System using PHP and MySQL v1 was discovered to contain multiple SQL injection vulnerabilities at /studentrecordms/login↗2025-05-23

▶