2021-07-01 14:38:45
mitre
PUBLISHED
Multiple SQL Injection vulnerabilities in Teachers Record Management System 1.0 thru 2.1 allow remote authenticated users to execute arbitrary SQL commands via the editid GET parameter in edit-subjects-detail.php, edit-teacher-detail.php, or the searchdata POST parameter in search.php.