CVE-2024-27685 | THREATINT

Description

SQL Injection vulnerability in Student Record system Using PHP and MySQL v.3.20 allows a remote attacker to obtain sensitive information via a crafted payload to the $cshortname, $cfullname, and $cdate variables.

PUBLISHED Reserved 2024-02-26 | Published 2025-06-25 | Updated 2025-06-25 | Assigner mitre

References

phpgurukul.com/student-record-system-php/

medium.com/...-system-using-php-and-mysql-v3-20-df2c6fe7dc15

cve.org (CVE-2024-27685)

nvd.nist.gov (CVE-2024-27685)

Download JSON