Arbitrary SQL Command Execution in phpgurukul Teacher Subject Allocation Management System 1.0

Arbitrary SQL Command Execution in phpgurukul Teacher Subject Allocation Management System 1.0

CVE-2023-46024 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

SQL Injection vulnerability in index.php in phpgurukul Teacher Subject Allocation Management System 1.0 allows attackers to run arbitrary SQL commands and obtain sensitive information via the 'searchdata' parameter.

Learn more about our Web Application Penetration Testing UK.