Medium
PHPGurukul Directory Management System is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to the index.php and searchdata.php scripts using the searchdata and username parameters, which could allow the attacker to view, add, modify or delete information in the back-end database.
PHPGurukul
PHPGurukul Directory Management System 1.0
PHPGurukul is yet to provide a patch for the vulnerable product.