Vulnerabilities (CVE)

Filtered by vendor Phpgurukul Subscribe

Filtered by product Teachers Record Management System

Total 6 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2021-28423	1 Phpgurukul	1 Teachers Record Management System	2025-05-28	6.5 MEDIUM	8.8 HIGH
Multiple SQL Injection vulnerabilities in Teachers Record Management System 1.0 thru 2.1 allow remote authenticated users to execute arbitrary SQL commands via the 'editid' GET parameter in edit-subjects-detail.php, edit-teacher-detail.php, or the 'searchdata' POST parameter in search.php.
CVE-2024-51064	1 Phpgurukul	1 Teachers Record Management System	2025-03-31	N/A	9.8 CRITICAL
Phpgurukul Teachers Record Management System v2.1 is vulnerable to SQL Injection via the tid parameter to admin/queries.php.
CVE-2024-51063	1 Phpgurukul	1 Teachers Record Management System	2025-03-31	N/A	9.1 CRITICAL
Phpgurukul Teachers Record Management System v2.1 is vulnerable to SQL Injection in add-teacher.php via the mobile number or email parameter.
CVE-2024-48744	1 Phpgurukul	1 Teachers Record Management System	2025-03-31	N/A	6.1 MEDIUM
A Reflected Cross Site Scripting (XSS) vulnerability was found in /trms/listed- teachers.php in PHPGurukul Teachers Record Management System v2.1, which allows remote attackers to execute arbitrary code via "searchinput" POST request parameter.
CVE-2021-28424	1 Phpgurukul	1 Teachers Record Management System	2024-11-21	3.5 LOW	5.4 MEDIUM
A stored cross-site scripting (XSS) vulnerability in Teachers Record Management System 1.0 allows remote authenticated users to inject arbitrary web script or HTML via the 'email' POST parameter in adminprofile.php.
CVE-2021-26822	1 Phpgurukul	1 Teachers Record Management System	2024-11-21	7.5 HIGH	9.8 CRITICAL
Teachers Record Management System 1.0 is affected by a SQL injection vulnerability in 'searchteacher' POST parameter in search-teacher.php. This vulnerability can be exploited by a remote unauthenticated attacker to leak sensitive information and perform code execution attacks.