CVE-2020-35427: SQL Injection
First published: Tue Jul 20 2021(Updated: )
SQL injection vulnerability in PHPGurukul Employee Record Management System 1.1 allows remote attackers to execute arbitrary SQL commands and bypass authentication.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| PHPGURUKUL Employee Record Management System | =1.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2020-35427?
The severity of CVE-2020-35427 is critical with a CVSS score of 9.8.
How does CVE-2020-35427 affect PHPGurukul Employee Record Management System?
CVE-2020-35427 allows remote attackers to execute arbitrary SQL commands and bypass authentication in PHPGurukul Employee Record Management System 1.1.
What is the affected version of PHPGurukul Employee Record Management System?
The affected version of PHPGurukul Employee Record Management System is 1.1.
Is there a fix available for CVE-2020-35427?
Yes, it is recommended to update PHPGurukul Employee Record Management System to a version that has patched the SQL injection vulnerability.
Where can I find more information about CVE-2020-35427?
You can find more information about CVE-2020-35427 on the official PHPGurukul website and the Exploit Database.
- collector/nvd-api
- collector/nvd-index
- agent/references
- agent/weakness
- agent/severity
- agent/author
- agent/description
- agent/type
- agent/event
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/phpgurukul
- canonical/phpgurukul employee record management system
- version/phpgurukul employee record management system/1.1