Online Fire Reporting System
by Phpgurukul
CVEs (42)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-7585 | Med | 0.41 | 6.3 | 0.00 | Jul 14, 2025 | A vulnerability was found in PHPGurukul Online Fire Reporting System 1.2. It has been classified as critical. Affected is an unknown function of the file /admin/manage-site.php. The manipulation of the argument webtitle leads to sql injection. It is possible to launch the attack… | ||
| CVE-2025-7584 | Med | 0.41 | 6.3 | 0.00 | Jul 14, 2025 | A vulnerability was found in PHPGurukul Online Fire Reporting System 1.2 and classified as critical. This issue affects some unknown processing of the file /admin/add-team.php. The manipulation of the argument teammember leads to sql injection. The attack may be initiated… | ||
| CVE-2025-7583 | Med | 0.41 | 6.3 | 0.00 | Jul 14, 2025 | A vulnerability has been found in PHPGurukul Online Fire Reporting System 1.2 and classified as critical. This vulnerability affects unknown code of the file /admin/all-requests.php. The manipulation of the argument teamid leads to sql injection. The attack can be initiated… | ||
| CVE-2025-7582 | Med | 0.41 | 6.3 | 0.00 | Jul 14, 2025 | A vulnerability, which was classified as critical, was found in PHPGurukul Online Fire Reporting System 1.2. This affects an unknown part of the file /admin/assigned-requests.php. The manipulation of the argument teamid leads to sql injection. It is possible to initiate the… | ||
| CVE-2025-7563 | Med | 0.41 | 6.3 | 0.00 | Jul 14, 2025 | A vulnerability classified as critical was found in PHPGurukul Online Fire Reporting System 1.2. Affected by this vulnerability is an unknown functionality of the file /admin/completed-requests.php. The manipulation of the argument teamid leads to sql injection. The attack can… | ||
| CVE-2025-7562 | Med | 0.41 | 6.3 | 0.00 | Jul 14, 2025 | A vulnerability classified as critical has been found in PHPGurukul Online Fire Reporting System 1.2. Affected is an unknown function of the file /admin/new-requests.php. The manipulation of the argument teamid leads to sql injection. It is possible to launch the attack… | ||
| CVE-2025-7561 | Med | 0.41 | 6.3 | 0.00 | Jul 14, 2025 | A vulnerability was found in PHPGurukul Online Fire Reporting System 1.2. It has been rated as critical. This issue affects some unknown processing of the file /admin/team-ontheway-requests.php. The manipulation of the argument teamid leads to sql injection. The attack may be… | ||
| CVE-2025-7560 | Med | 0.41 | 6.3 | 0.00 | Jul 14, 2025 | A vulnerability was found in PHPGurukul Online Fire Reporting System 1.2. It has been declared as critical. This vulnerability affects unknown code of the file /admin/workin-progress-requests.php. The manipulation of the argument teamid leads to sql injection. The attack can be… | ||
| CVE-2025-7559 | Med | 0.41 | 6.3 | 0.00 | Jul 14, 2025 | A vulnerability was found in PHPGurukul Online Fire Reporting System 1.2. It has been classified as critical. This affects an unknown part of the file /admin/bwdates-report-result.php. The manipulation of the argument fromdate/todate leads to sql injection. It is possible to… | ||
| CVE-2022-31978 | 0.04 | — | 0.07 | Jun 1, 2022 | Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/classes/Master.php?f=delete_inquiry. | |||
| CVE-2022-31983 | 0.04 | — | 0.03 | Jun 1, 2022 | Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=requests/manage_request&id=. | |||
| CVE-2022-31984 | 0.02 | — | 0.05 | Jun 1, 2022 | Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/requests/take_action.php?id=. | |||
| CVE-2022-31974 | 0.01 | — | 0.05 | Jun 1, 2022 | Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=reports&date=. | |||
| CVE-2022-31980 | 0.01 | — | 0.02 | Jun 1, 2022 | Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=teams/manage_team&id=. | |||
| CVE-2022-31981 | 0.01 | — | 0.02 | Jun 1, 2022 | Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=teams/view_team&id=. | |||
| CVE-2022-31982 | 0.01 | — | 0.02 | Jun 1, 2022 | Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=requests/view_request&id=. | |||
| CVE-2025-40696 | 0.00 | — | 0.00 | Sep 11, 2025 | Stored Cross Site Scripting in Online Fire Reporting System v1.2 by PHPGurukul, that consists in a stored authenticated XSS due to the lack of propper validation of user inputs 'fullname', 'location' and 'message' parameters via POST at the endpoint '/ofrs/reporting.php'. This… | |||
| CVE-2025-40695 | 0.00 | — | 0.00 | Sep 11, 2025 | Stored Cross Site Scripting in Online Fire Reporting System v1.2 by PHPGurukul, that consists in a stored authenticated XSS due to the lack of propper validation of user inputs 'remark', 'status' and 'takeaction' parameters via POST at the endpoint… | |||
| CVE-2025-40694 | 0.00 | — | 0.00 | Sep 11, 2025 | Stored Cross Site Scripting in Online Fire Reporting System v1.2 by PHPGurukul, that consists in a stored authenticated XSS due to the lack of propper validation of user inputs 'fromdate' and 'todate' parameters via POST at the endpoint '/ofrs/admin/bwdates-report-result.php'.… | |||
| CVE-2025-40693 | 0.00 | — | 0.00 | Sep 11, 2025 | Stored Cross Site Scripting in Online Fire Reporting System v1.2 by PHPGurukul, that consists in a reflected and stored authenticated XSS due to the lack of propper validation of user inputs 'tname' parameter via GET and, 'teamleadname', 'teammember' and 'teamname' parameters… |
- risk 0.41cvss 6.3epss 0.00
A vulnerability was found in PHPGurukul Online Fire Reporting System 1.2. It has been classified as critical. Affected is an unknown function of the file /admin/manage-site.php. The manipulation of the argument webtitle leads to sql injection. It is possible to launch the attack…
- risk 0.41cvss 6.3epss 0.00
A vulnerability was found in PHPGurukul Online Fire Reporting System 1.2 and classified as critical. This issue affects some unknown processing of the file /admin/add-team.php. The manipulation of the argument teammember leads to sql injection. The attack may be initiated…
- risk 0.41cvss 6.3epss 0.00
A vulnerability has been found in PHPGurukul Online Fire Reporting System 1.2 and classified as critical. This vulnerability affects unknown code of the file /admin/all-requests.php. The manipulation of the argument teamid leads to sql injection. The attack can be initiated…
- risk 0.41cvss 6.3epss 0.00
A vulnerability, which was classified as critical, was found in PHPGurukul Online Fire Reporting System 1.2. This affects an unknown part of the file /admin/assigned-requests.php. The manipulation of the argument teamid leads to sql injection. It is possible to initiate the…
- risk 0.41cvss 6.3epss 0.00
A vulnerability classified as critical was found in PHPGurukul Online Fire Reporting System 1.2. Affected by this vulnerability is an unknown functionality of the file /admin/completed-requests.php. The manipulation of the argument teamid leads to sql injection. The attack can…
- risk 0.41cvss 6.3epss 0.00
A vulnerability classified as critical has been found in PHPGurukul Online Fire Reporting System 1.2. Affected is an unknown function of the file /admin/new-requests.php. The manipulation of the argument teamid leads to sql injection. It is possible to launch the attack…
- risk 0.41cvss 6.3epss 0.00
A vulnerability was found in PHPGurukul Online Fire Reporting System 1.2. It has been rated as critical. This issue affects some unknown processing of the file /admin/team-ontheway-requests.php. The manipulation of the argument teamid leads to sql injection. The attack may be…
- risk 0.41cvss 6.3epss 0.00
A vulnerability was found in PHPGurukul Online Fire Reporting System 1.2. It has been declared as critical. This vulnerability affects unknown code of the file /admin/workin-progress-requests.php. The manipulation of the argument teamid leads to sql injection. The attack can be…
- risk 0.41cvss 6.3epss 0.00
A vulnerability was found in PHPGurukul Online Fire Reporting System 1.2. It has been classified as critical. This affects an unknown part of the file /admin/bwdates-report-result.php. The manipulation of the argument fromdate/todate leads to sql injection. It is possible to…
- CVE-2022-31978Jun 1, 2022risk 0.04cvss —epss 0.07
Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/classes/Master.php?f=delete_inquiry.
- CVE-2022-31983Jun 1, 2022risk 0.04cvss —epss 0.03
Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=requests/manage_request&id=.
- CVE-2022-31984Jun 1, 2022risk 0.02cvss —epss 0.05
Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/requests/take_action.php?id=.
- CVE-2022-31974Jun 1, 2022risk 0.01cvss —epss 0.05
Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=reports&date=.
- CVE-2022-31980Jun 1, 2022risk 0.01cvss —epss 0.02
Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=teams/manage_team&id=.
- CVE-2022-31981Jun 1, 2022risk 0.01cvss —epss 0.02
Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=teams/view_team&id=.
- CVE-2022-31982Jun 1, 2022risk 0.01cvss —epss 0.02
Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=requests/view_request&id=.
- CVE-2025-40696Sep 11, 2025risk 0.00cvss —epss 0.00
Stored Cross Site Scripting in Online Fire Reporting System v1.2 by PHPGurukul, that consists in a stored authenticated XSS due to the lack of propper validation of user inputs 'fullname', 'location' and 'message' parameters via POST at the endpoint '/ofrs/reporting.php'. This…
- CVE-2025-40695Sep 11, 2025risk 0.00cvss —epss 0.00
Stored Cross Site Scripting in Online Fire Reporting System v1.2 by PHPGurukul, that consists in a stored authenticated XSS due to the lack of propper validation of user inputs 'remark', 'status' and 'takeaction' parameters via POST at the endpoint…
- CVE-2025-40694Sep 11, 2025risk 0.00cvss —epss 0.00
Stored Cross Site Scripting in Online Fire Reporting System v1.2 by PHPGurukul, that consists in a stored authenticated XSS due to the lack of propper validation of user inputs 'fromdate' and 'todate' parameters via POST at the endpoint '/ofrs/admin/bwdates-report-result.php'.…
- CVE-2025-40693Sep 11, 2025risk 0.00cvss —epss 0.00
Stored Cross Site Scripting in Online Fire Reporting System v1.2 by PHPGurukul, that consists in a reflected and stored authenticated XSS due to the lack of propper validation of user inputs 'tname' parameter via GET and, 'teamleadname', 'teammember' and 'teamname' parameters…
Page 1 of 3