Vulnerability Description
Teachers Record Management System 1.0 is affected by a SQL injection vulnerability in 'searchteacher' POST parameter in search-teacher.php. This vulnerability can be exploited by a remote unauthenticated attacker to leak sensitive information and perform code execution attacks.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Phpgurukul | Teachers Record Management System | 1.0 |
Related Weaknesses (CWE)
References
- https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-26822ExploitThird Party Advisory
- https://phpgurukul.com/teachers-record-management-system-using-php-and-mysql/ProductThird Party Advisory
- https://www.exploit-db.com/exploits/49562ExploitThird Party AdvisoryVDB Entry
- https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-26822ExploitThird Party Advisory
- https://phpgurukul.com/teachers-record-management-system-using-php-and-mysql/ProductThird Party Advisory
- https://www.exploit-db.com/exploits/49562ExploitThird Party AdvisoryVDB Entry
FAQ
What is CVE-2021-26822?
CVE-2021-26822 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Teachers Record Management System 1.0 is affected by a SQL injection vulnerability in 'searchteacher' POST parameter in search-teacher.php. This vulnerability can be exploited by a remote unauthentica...
How severe is CVE-2021-26822?
CVE-2021-26822 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2021-26822?
Check the references section above for vendor advisories and patch information. Affected products include: Phpgurukul Teachers Record Management System.