Filtered by vendor Phpgurukul
Subscriptions
Filtered by product Client Management System
Subscriptions
Total
8 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-30985 | 1 Phpgurukul | 1 Client Management System | 2025-04-10 | 9.8 Critical |
| SQL Injection vulnerability in "B/W Dates Reports" page in phpgurukul Client Management System using PHP & MySQL 1.1 allows attacker to execute arbitrary SQL commands via "todate" and "fromdate" parameters. | ||||
| CVE-2024-30986 | 1 Phpgurukul | 1 Client Management System | 2025-04-10 | 6.5 Medium |
| Cross Site Scripting vulnerability in /edit-services-details.php of phpgurukul Client Management System using PHP & MySQL 1.1 allows attackers to execute arbitrary code and via "price" and "sname" parameter. | ||||
| CVE-2024-30987 | 1 Phpgurukul | 1 Client Management System | 2025-04-10 | 6.8 Medium |
| Cross Site Scripting vulnerability in /bwdates-reports-ds.php of phpgurukul Client Management System using PHP & MySQL 1.1 allows attackers to execute arbitrary code and obtain sensitive information via the fromdate and todate parameters. | ||||
| CVE-2024-30988 | 1 Phpgurukul | 1 Client Management System | 2025-04-10 | 6.8 Medium |
| Cross Site Scripting vulnerability in /search-invoices.php of phpgurukul Client Management System using PHP & MySQL 1.1 allows attackers to execute arbitrary code and obtain sensitive information via the Search bar. | ||||
| CVE-2024-30989 | 1 Phpgurukul | 1 Client Management System | 2025-04-10 | 5.4 Medium |
| Cross Site Scripting vulnerability in /edit-client-details.php of phpgurukul Client Management System using PHP & MySQL 1.1 allows attackers to execute arbitrary code via the "cname", "comname", "state" and "city" parameter. | ||||
| CVE-2024-30990 | 1 Phpgurukul | 1 Client Management System | 2025-04-10 | 9.8 Critical |
| SQL Injection vulnerability in the "Invoices" page in phpgurukul Client Management System using PHP & MySQL 1.1 allows attacker to execute arbitrary SQL commands via "searchdata" parameter. | ||||
| CVE-2024-51209 | 1 Phpgurukul | 1 Client Management System | 2025-03-31 | 6.1 Medium |
| Cross-Site Scripting (XSS) vulnerabilities in Anuj Kumar's Client Management System Version 1.2 allow local attackers to inject arbitrary web script or HTML via the search input field parameter to admin search invoice page and client search invoice page. | ||||
| CVE-2024-48570 | 2 Client Management System, Phpgurukul | 2 Client Management System, Client Management System | 2024-10-25 | 7.5 High |
| Client Management System 1.0 was discovered to contain a SQL injection vulnerability via the Between Dates Reports parameter at /admin/bwdates-reports-ds.php. | ||||
Page 1 of 1.