Filtered by vendor Phpgurukul
Subscriptions
Total
364 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-11965 | 1 Phpgurukul | 1 Complaint Management System | 2024-12-04 | 7.3 High |
| A vulnerability has been found in PHPGurukul Complaint Management system 1.0 and classified as critical. This vulnerability affects unknown code of the file /user/reset-password.php. The manipulation of the argument email leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-11966 | 1 Phpgurukul | 1 Complaint Management System | 2024-12-04 | 7.3 High |
| A vulnerability was found in PHPGurukul Complaint Management system 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/index.php. The manipulation of the argument username leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-11967 | 1 Phpgurukul | 1 Complaint Management System | 2024-12-03 | 7.3 High |
| A vulnerability was found in PHPGurukul Complaint Management system 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/reset-password.php. The manipulation of the argument email leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-11817 | 1 Phpgurukul | 2 User Registration \& Login And User Management System, User Registration And Login And User Management System | 2024-12-03 | 7.3 High |
| A vulnerability was found in PHPGurukul User Registration & Login and User Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/index.php. The manipulation of the argument username leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-11818 | 1 Phpgurukul | 2 User Registration \& Login And User Management System, User Registration And Login And User Management System | 2024-12-03 | 7.3 High |
| A vulnerability classified as critical has been found in PHPGurukul User Registration & Login and User Management System 1.0. This affects an unknown part of the file /signup.php. The manipulation of the argument email leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-53364 | 1 Phpgurukul | 1 Vehicle Parking Management System | 2024-12-02 | 5.4 Medium |
| A SQL injection vulnerability was found in PHPGURUKUL Vehicle Parking Management System v1.13 in /users/view-detail.php. This vulnerability affects the viewid parameter, where improper input sanitization allows attackers to inject malicious SQL queries. | ||||
| CVE-2024-53604 | 1 Phpgurukul | 1 Covid19 Testing Management System | 2024-11-29 | 9.8 Critical |
| A SQL Injection vulnerability was found in /covid-tms/check_availability.php in PHPGurukul COVID 19 Testing Management System v1.0, which allows remote attackers to execute arbitrary code via the mobnumber POST request parameter. | ||||
| CVE-2023-48718 | 1 Phpgurukul | 1 Student Result Management System | 2024-11-27 | 9.8 Critical |
| Student Result Management System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'class_name' parameter of the add_students.php resource does not validate the characters received and they are sent unfiltered to the database. | ||||
| CVE-2024-53635 | 1 Phpgurukul | 1 Covid19 Testing Management System | 2024-11-27 | 4.8 Medium |
| A Reflected Cross Site Scripting (XSS) vulnerability was found in /covid-tms/patient-search-report.php in PHPGurukul COVID 19 Testing Management System v1.0, which allows remote attackers to execute arbitrary code via the searchdata POST request parameter. | ||||
| CVE-2024-53603 | 1 Phpgurukul | 1 Covid19 Testing Management System | 2024-11-27 | 7.3 High |
| A SQL Injection vulnerability was found in /covid-tms/password-recovery.php in PHPGurukul COVID 19 Testing Management System v1.0, which allows remote attackers to execute arbitrary code via the contactno POST request parameter. | ||||
| CVE-2023-34647 | 1 Phpgurukul | 1 Hostel Management System | 2024-11-27 | 6.1 Medium |
| PHPgurukl Hostel Management System v.1.0 is vulnerable to Cross Site Scripting (XSS). | ||||
| CVE-2023-34652 | 1 Phpgurukul | 1 Hostel Management System | 2024-11-27 | 6.1 Medium |
| PHPgurukl Hostel Management System v.1.0 is vulnerable to Cross Site Scripting (XSS) via Add New Course. | ||||
| CVE-2023-23163 | 1 Phpgurukul | 1 Art Gallery Management System | 2024-11-27 | 9.8 Critical |
| Art Gallery Management System Project v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter. | ||||
| CVE-2023-31936 | 1 Phpgurukul | 1 Rail Pass Management System | 2024-11-27 | 7.2 High |
| Sql injection vulnerability found in Rail Pass Management System v.1.0 allows a remote attacker to execute arbitrary code via the viewid parameter of the view-pass-detail.php file. | ||||
| CVE-2024-51208 | 1 Phpgurukul | 1 Boat Booking System | 2024-11-26 | 7.2 High |
| File Upload vulnerability in change-image.php in Anuj Kumar's Boat Booking System version 1.0 allows local attackers to upload a malicious PHP script via the Image Upload Mechanism parameter. | ||||
| CVE-2023-0562 | 1 Phpgurukul | 1 Bank Locker Management System | 2024-11-25 | 7.3 High |
| A vulnerability was found in PHPGurukul Bank Locker Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file index.php of the component Login. The manipulation of the argument username leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-219716. | ||||
| CVE-2023-6465 | 1 Phpgurukul | 1 Nipah Virus Testing Management System | 2024-11-21 | 4.3 Medium |
| A vulnerability was found in PHPGurukul Nipah Virus Testing Management System 1.0. It has been classified as problematic. This affects an unknown part of the file registered-user-testing.php. The manipulation of the argument regmobilenumber leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-246615. | ||||
| CVE-2024-39090 | 1 Phpgurukul | 1 Online Shopping Portal | 2024-11-21 | 6.1 Medium |
| The PHPGurukul Online Shopping Portal Project version 2.0 contains a vulnerability that allows Cross-Site Request Forgery (CSRF) to lead to Stored Cross-Site Scripting (XSS). An attacker can exploit this vulnerability to execute arbitrary JavaScript code in the context of a user's session, potentially leading to account takeover. | ||||
| CVE-2024-37798 | 1 Phpgurukul | 1 Beauty Parlour Management System | 2024-11-21 | 5.9 Medium |
| Cross-site scripting (XSS) vulnerability in search-appointment.php in the Admin Panel in Phpgurukul Beauty Parlour Management System 1.0 allows remote attackers to inject arbitrary web script or HTML via the search input field. | ||||
| CVE-2024-32254 | 1 Phpgurukul | 1 Tourism Management System | 2024-11-21 | 8.8 High |
| Phpgurukul Tourism Management System v2.0 is vulnerable to Unrestricted Upload of File with Dangerous Type via tms/admin/create-package.php. When creating a new package, there is no checks for what types of files are uploaded from the image. | ||||