VYPR

Vehicle Parking Management System

by Phpgurukul

CVEs (60)

  • CVE-2025-45885May 9, 2025
    risk 0.00cvss epss 0.00

    PHPGURUKUL Vehicle Parking Management System v1.13 is vulnerable to SQL injection in the /vpms/users/login.php file. Attackers can inject malicious code from the parameter 'emailcont' and use it directly in SQL queries.

  • CVE-2025-4153May 1, 2025
    risk 0.00cvss epss 0.00

    A vulnerability classified as critical was found in PHPGurukul Park Ticketing Management System 2.0. Affected by this vulnerability is an unknown functionality of the file /profile.php. The manipulation of the argument adminname leads to sql injection. The attack can be launched…

  • CVE-2025-45015Apr 30, 2025
    risk 0.00cvss epss 0.00

    A Cross-Site Scripting (XSS) vulnerability was discovered in the foreigner-bwdates-reports-details.php file of PHPGurukul Park Ticketing Management System v2.0. The vulnerability allows remote attackers to inject arbitrary JavaScript code via the fromdate and todate parameters.

  • CVE-2025-45010Apr 30, 2025
    risk 0.00cvss epss 0.00

    A HTML Injection vulnerability was discovered in the normal-bwdates-reports-details.php file of PHPGurukul Park Ticketing Management System v2.0. This vulnerability allows remote attackers to execute arbitrary code via the fromdate and todate POST request parameters.

  • CVE-2025-45011Apr 30, 2025
    risk 0.00cvss epss 0.00

    A HTML Injection vulnerability was discovered in the foreigner-search.php file of PHPGurukul Park Ticketing Management System v2.0. This vulnerability allows remote attackers to execute arbitrary code via the searchdata POST request parameter.

  • CVE-2025-45018Apr 30, 2025
    risk 0.00cvss epss 0.00

    A SQL Injection vulnerability was discovered in the foreigner-bwdates-reports-details.php file of PHPGurukul Park Ticketing Management System v2.0. This vulnerability allows remote attackers to execute arbitrary SQL code via the todate parameter.

  • CVE-2025-45009Apr 30, 2025
    risk 0.00cvss epss 0.00

    A HTML Injection vulnerability was discovered in the normal-search.php file of PHPGurukul Park Ticketing Management System v2.0. This vulnerability allows remote attackers to execute arbitrary code via the searchdata parameter.

  • CVE-2025-45017Apr 30, 2025
    risk 0.00cvss epss 0.01

    A SQL injection vulnerability was discovered in edit-ticket.php of PHPGurukul Park Ticketing Management System v2.0. This vulnerability allows remote attackers to execute arbitrary code via the tprice POST request parameter.

  • CVE-2025-45020Apr 30, 2025
    risk 0.00cvss epss 0.00

    A SQL Injection vulnerability was discovered in the normal-bwdates-reports-details.php file of PHPGurukul Park Ticketing Management System v2.0. This vulnerability allows remote attackers to execute arbitrary SQL code via the todate parameter in a POST request.

  • CVE-2025-45019Apr 30, 2025
    risk 0.00cvss epss 0.00

    A SQL injection vulnerability was discovered in /add-foreigners-ticket.php file of PHPGurukul Park Ticketing Management System v2.0. This vulnerability allows remote attackers to execute arbitrary code via the cprice POST request parameter.

  • CVE-2025-29641Mar 21, 2025
    risk 0.00cvss epss 0.00

    Phpgurukul Vehicle Record Management System v1.0 is vulnerable to SQL Injection in /index.php via the 'searchinputdata' parameter.

  • CVE-2024-54811Dec 12, 2024
    risk 0.00cvss epss 0.01

    A SQL injection vulnerability in /index.php in PHPGurukul Park Ticketing Management System v1.0 allows an attacker to execute arbitrary SQL commands via the "login" parameter.

  • CVE-2024-53364Dec 2, 2024
    risk 0.00cvss epss 0.00

    A SQL injection vulnerability was found in PHPGURUKUL Vehicle Parking Management System v1.13 in /users/view-detail.php. This vulnerability affects the viewid parameter, where improper input sanitization allows attackers to inject malicious SQL queries.

  • CVE-2024-53365Nov 26, 2024
    risk 0.00cvss epss 0.00

    A stored cross-site scripting (XSS) vulnerability was identified in PHPGURUKUL Vehicle Parking Management System v1.13 in /users/profile.php. This vulnerability allows authenticated users to inject malicious XSS scripts into the profile name field.

  • CVE-2024-46531Oct 30, 2024
    risk 0.00cvss epss 0.00

    phpgurukul Vehicle Record Management System v1.0 was discovered to contain a SQL injection vulnerability via the searchinputdata parameter at /index.php.

  • CVE-2023-26959Mar 27, 2023
    risk 0.00cvss epss 0.01

    Phpgurukul Park Ticketing Management System 1.0 is vulnerable to SQL Injection via the User Name parameter.

  • CVE-2023-26958Mar 27, 2023
    risk 0.00cvss epss 0.00

    Phpgurukul Park Ticketing Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via the Admin Name parameter.

  • CVE-2021-37806Oct 27, 2021
    risk 0.00cvss epss 0.02

    An SQL Injection vulnerability exists in https://phpgurukul.com Vehicle Parking Management System affected version 1.0. The system is vulnerable to time-based SQL injection on multiple endpoints. Based on the SLEEP(N) function payload that will sleep for a number of seconds used…

  • CVE-2021-37805Oct 27, 2021
    risk 0.00cvss epss 0.01

    A Stored Cross Site Scripting (XSS) vunerability exists in Sourcecodeste Vehicle Parking Management System affected version 1.0 is via the add-vehicle.php endpoint.

  • CVE-2020-23936Aug 20, 2020
    risk 0.00cvss epss 0.01

    PHPGurukul Vehicle Parking Management System 1.0 is vulnerable to Authentication Bypass via "Username: admin'# && Password: (Write Something)".

Page 3 of 3