CVE-2024-5066

Name of the Vulnerable Software and Affected Versions: PHPGurukul Online Course Registration System version 3.1

Description: A critical vulnerability was found in the PHPGurukul Online Course Registration System, affecting an unknown functionality of the file /pincode-verification.php. The manipulation of the pincode argument leads to SQL injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Recommendations: For PHPGurukul Online Course Registration System version 3.1, consider disabling the /pincode-verification.php file or restricting access to it until a patch is available. Avoid using the pincode argument in the affected file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.