PHPGurukul Student Record System 3.20 is vulnerable to SQL Injection via the sub1, sub2, sub3, sub4, and course-short parameters in add-subject.php.
https://phpgurukul.com/student-record-system-php
https://github.com/leexsoyoung/CVEs/blob/main/CVE-2024-44639.md