Skip to main content

Pre School Enrollment System CVE-2023-47445

CRITICAL
SQL Injection (CWE-89)
2023-11-15 cve@mitre.org
9.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
9.8 CRITICAL
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Nov 15, 2023 - 06:15 nvd
CRITICAL 9.8

DescriptionNVD

Pre-School Enrollment version 1.0 is vulnerable to SQL Injection via the username parameter in preschool/admin/ page.

AnalysisAI

Pre-School Enrollment version 1.0 is vulnerable to SQL Injection via the username parameter in preschool/admin/ page. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Technical ContextAI

This vulnerability is classified as SQL Injection (CWE-89), which allows attackers to execute arbitrary SQL commands against the database. Pre-School Enrollment version 1.0 is vulnerable to SQL Injection via the username parameter in preschool/admin/ page. Affected products include: Phpgurukul Pre-School Enrollment System. Version information: version 1.0.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Use parameterized queries/prepared statements. Never concatenate user input into SQL. Apply least-privilege database permissions.

CVE-2024-54810 CRITICAL POC
9.8 Dec 12

A SQL Injection vulnerability was found in /preschool/admin/password-recovery.php in PHPGurukul Pre-School Enrollment Sy

CVE-2025-28072 HIGH POC
7.5 Apr 16

PHPGurukul Pre-School Enrollment System is vulnerable to Directory Traversal in manage-teachers.php. Rated high severity

CVE-2025-50349 HIGH POC
7.5 Jun 23

PHPGurukul Pre-School Enrollment System v1.0 contains a directory traversal vulnerability in the update-teacher-pic.php

CVE-2025-50348 HIGH POC
7.5 Jun 23

CVE-2025-50348 is a Directory Traversal vulnerability in PHPGurukul Pre-School Enrollment System Project version 1.0, sp

CVE-2024-54790 HIGH POC
7.5 Dec 19

A SQL Injection vulnerability was found in /index.php in PHPGurukul Pre-School Enrollment System v1.0, which allows remo

CVE-2025-4031 MEDIUM POC
6.9 Apr 28

A vulnerability was found in PHPGurukul Pre-School Enrollment System 1.0. Rated medium severity (CVSS 6.9), this vulnera

CVE-2025-2088 MEDIUM POC
6.9 Mar 07

A vulnerability, which was classified as critical, was found in PHPGurukul Pre-School Enrollment System up to 1.0. Rated

CVE-2025-2362 MEDIUM POC
6.9 Mar 17

A vulnerability was found in PHPGurukul Pre-School Enrollment System 1.0. Rated medium severity (CVSS 6.9), this vulnera

CVE-2025-2034 MEDIUM POC
6.9 Mar 06

A vulnerability has been found in PHPGurukul Pre-School Enrollment System 1.0 and classified as critical. Rated medium s

CVE-2025-1966 MEDIUM POC
6.9 Mar 05

A vulnerability classified as critical was found in PHPGurukul Pre-School Enrollment System 1.0. Rated medium severity (

CVE-2025-50350 MEDIUM POC
5.4 Jun 26

PHPGurukul Pre-School Enrollment System Project v1.0 is vulnerable to Directory Traversal in manage-classes.php.

CVE-2023-47446 MEDIUM POC
5.4 Nov 15

Pre-School Enrollment version 1.0 is vulnerable to Cross Site Scripting (XSS) on the profile.php page via fullname param

Share

CVE-2023-47445 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy