Phpgurukul Student Management System SQL Injection Flaw

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

8.8

Phpgurukul Student Management System SQL Injection Flaw

CVE-2024-55270

Summary

The Phpgurukul Student Management System's search function is not secure, allowing an attacker to access or modify sensitive data. This could lead to unauthorized changes or theft of student information. Update the software to a fixed version to protect against this risk.

What to do

No fix is available yet. Check with your software vendor for updates.

Affected software

Vendor	Product	Affected versions	Fix available
phpgurukul	student_management_system	1.0	–

Original title

phpgurukul Student Management System 1.0 is vulnerable to SQL Injection in studentms/admin/search.php via the searchdata parameter.

Original description

phpgurukul Student Management System 1.0 is vulnerable to SQL Injection in studentms/admin/search.php via the searchdata parameter.

nvd CVSS3.1 8.8

Vulnerability type

CWE-89 SQL Injection

https://github.com/shoaibalam112/CVE-2024-55270 Exploit Third Party Advisory
https://github.com/shoaibalam112/Student_Management-System_1.0 Exploit Third Party Advisory

Published: 17 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026