Jannick Tiger - Security Researcher - Exploit Intelligence Platform

CVE-2021-26764 WRITEUP HIGH WRITEUP

PHPGurukul Student Record System 4.0 - SQL Injection via edit-std.php id Parameter

SQL injection vulnerability in PHPGurukul Student Record System v 4.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to edit-std.php.

CVSS 8.8

View Code

CVE-2021-26765 WRITEUP CRITICAL WRITEUP

PHPGurukul Student Record System 4.0 - SQL Injection via edit-sub.php sid Parameter

SQL injection vulnerability in PHPGurukul Student Record System 4.0 allows remote attackers to execute arbitrary SQL statements, via the sid parameter to edit-sub.php.

CVSS 9.8

View Code

CVE-2021-26809 EXPLOITDB CRITICAL python WORKING POC

PHPGurukul Car Rental Project 2.0 - Remote Shell Upload via changeimage1.php

PHPGurukul Car Rental Project version 2.0 suffers from a remote shell upload vulnerability in changeimage1.php.

CVSS 9.8

View Code

CVE-2021-26762 EXPLOITDB HIGH text WORKING POC

PHPGurukul Student Record System 4.0 - SQL Injection via edit-course.php cid Parameter

SQL injection vulnerability in PHPGurukul Student Record System 4.0 allows remote attackers to execute arbitrary SQL statements, via the cid parameter to edit-course.php.

CVSS 8.8

View Code