CVE-2024-5065: PHPGurukul Online Course Registration System sql injection
First published: Fri May 17 2024(Updated: )
A vulnerability classified as critical has been found in PHPGurukul Online Course Registration System 3.1. Affected is an unknown function of the file /onlinecourse/. The manipulation of the argument regno leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-264924.
Credit: cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Online Course Registration | ||
| =3.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2024-5065?
CVE-2024-5065 is classified as a critical vulnerability.
How does CVE-2024-5065 affect the PHPGurukul Online Course Registration System?
CVE-2024-5065 allows for SQL injection through the manipulation of the 'regno' parameter.
Can CVE-2024-5065 be exploited remotely?
Yes, CVE-2024-5065 can be exploited remotely.
What systems are impacted by CVE-2024-5065?
CVE-2024-5065 impacts PHPGurukul Online Course Registration System version 3.1.
How can I mitigate CVE-2024-5065?
Mitigation for CVE-2024-5065 involves sanitizing user input to prevent SQL injection.
- agent/weakness
- agent/title
- agent/references
- agent/type
- agent/description
- agent/first-publish-date
- agent/author
- agent/event
- agent/epss
- collector/epss-latest
- source/FIRST
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/source
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/tags
- agent/softwarecombine
- collector/nvd-api
- source/NVD
- vendor/phpgurukul
- canonical/online course registration
- version/online course registration/3.1