CVE-2020-35427

Name of the Vulnerable Software and Affected Versions: PHPGurukul Employee Record Management System version 1.1

Description: The issue allows remote attackers to execute arbitrary SQL commands and bypass authentication. This is a SQL injection vulnerability.

Recommendations: For PHPGurukul Employee Record Management System version 1.1, consider temporarily disabling the authentication module until a patch is available. Restrict access to sensitive database operations to minimize the risk of exploitation. Avoid using user-input data directly in SQL queries until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.