Zoo Management System
by Phpgurukul
CVEs (32)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-5357 | 0.00 | — | 0.00 | May 26, 2024 | A vulnerability has been found in PHPGurukul Zoo Management System 2.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/forgot-password.php. The manipulation of the argument email leads to sql injection. The attack can be… | |||
| CVE-2024-30986 | 0.00 | — | 0.00 | Apr 17, 2024 | Cross Site Scripting vulnerability in /edit-services-details.php of phpgurukul Client Management System using PHP & MySQL 1.1 allows attackers to execute arbitrary code and via "price" and "sname" parameter. | |||
| CVE-2024-30989 | 0.00 | — | 0.00 | Apr 17, 2024 | Cross Site Scripting vulnerability in /edit-client-details.php of phpgurukul Client Management System using PHP & MySQL 1.1 allows attackers to execute arbitrary code via the "cname", "comname", "state" and "city" parameter. | |||
| CVE-2024-30988 | 0.00 | — | 0.01 | Apr 17, 2024 | Cross Site Scripting vulnerability in /search-invoices.php of phpgurukul Client Management System using PHP & MySQL 1.1 allows attackers to execute arbitrary code and obtain sensitive information via the Search bar. | |||
| CVE-2024-30990 | 0.00 | — | 0.01 | Apr 17, 2024 | SQL Injection vulnerability in the "Invoices" page in phpgurukul Client Management System using PHP & MySQL 1.1 allows attacker to execute arbitrary SQL commands via "searchdata" parameter. | |||
| CVE-2024-30987 | 0.00 | — | 0.01 | Apr 17, 2024 | Cross Site Scripting vulnerability in /bwdates-reports-ds.php of phpgurukul Client Management System using PHP & MySQL 1.1 allows attackers to execute arbitrary code and obtain sensitive information via the fromdate and todate parameters. | |||
| CVE-2024-30985 | 0.00 | — | 0.01 | Apr 17, 2024 | SQL Injection vulnerability in "B/W Dates Reports" page in phpgurukul Client Management System using PHP & MySQL 1.1 allows attacker to execute arbitrary SQL commands via "todate" and "fromdate" parameters. | |||
| CVE-2024-25351 | 0.00 | — | 0.00 | Feb 28, 2024 | SQL Injection vulnerability in /zms/admin/changeimage.php in PHPGurukul Zoo Management System 1.0 allows attackers to run arbitrary SQL commands via the editid parameter. | |||
| CVE-2024-25350 | 0.00 | — | 0.01 | Feb 28, 2024 | SQL Injection vulnerability in /zms/admin/edit-ticket.php in PHPGurukul Zoo Management System 1.0 via tickettype and tprice parameters. | |||
| CVE-2022-27992 | 0.00 | — | 0.02 | Apr 8, 2022 | Zoo Management System v1.0 was discovered to contain a SQL injection vulnerability at /public_html/animals via the class_id parameter. | |||
| CVE-2022-27351 | 0.00 | — | 0.03 | Apr 8, 2022 | Zoo Management System v1.0 was discovered to contain an arbitrary file upload vulnerability via /public_html/apply_vacancy. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file. | |||
| CVE-2020-25487 | 0.00 | — | 0.01 | Sep 22, 2020 | PHPGURUKUL Zoo Management System Using PHP and MySQL version 1.0 is affected by: SQL Injection via zms/animal-detail.php. |
- CVE-2024-5357May 26, 2024risk 0.00cvss —epss 0.00
A vulnerability has been found in PHPGurukul Zoo Management System 2.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/forgot-password.php. The manipulation of the argument email leads to sql injection. The attack can be…
- CVE-2024-30986Apr 17, 2024risk 0.00cvss —epss 0.00
Cross Site Scripting vulnerability in /edit-services-details.php of phpgurukul Client Management System using PHP & MySQL 1.1 allows attackers to execute arbitrary code and via "price" and "sname" parameter.
- CVE-2024-30989Apr 17, 2024risk 0.00cvss —epss 0.00
Cross Site Scripting vulnerability in /edit-client-details.php of phpgurukul Client Management System using PHP & MySQL 1.1 allows attackers to execute arbitrary code via the "cname", "comname", "state" and "city" parameter.
- CVE-2024-30988Apr 17, 2024risk 0.00cvss —epss 0.01
Cross Site Scripting vulnerability in /search-invoices.php of phpgurukul Client Management System using PHP & MySQL 1.1 allows attackers to execute arbitrary code and obtain sensitive information via the Search bar.
- CVE-2024-30990Apr 17, 2024risk 0.00cvss —epss 0.01
SQL Injection vulnerability in the "Invoices" page in phpgurukul Client Management System using PHP & MySQL 1.1 allows attacker to execute arbitrary SQL commands via "searchdata" parameter.
- CVE-2024-30987Apr 17, 2024risk 0.00cvss —epss 0.01
Cross Site Scripting vulnerability in /bwdates-reports-ds.php of phpgurukul Client Management System using PHP & MySQL 1.1 allows attackers to execute arbitrary code and obtain sensitive information via the fromdate and todate parameters.
- CVE-2024-30985Apr 17, 2024risk 0.00cvss —epss 0.01
SQL Injection vulnerability in "B/W Dates Reports" page in phpgurukul Client Management System using PHP & MySQL 1.1 allows attacker to execute arbitrary SQL commands via "todate" and "fromdate" parameters.
- CVE-2024-25351Feb 28, 2024risk 0.00cvss —epss 0.00
SQL Injection vulnerability in /zms/admin/changeimage.php in PHPGurukul Zoo Management System 1.0 allows attackers to run arbitrary SQL commands via the editid parameter.
- CVE-2024-25350Feb 28, 2024risk 0.00cvss —epss 0.01
SQL Injection vulnerability in /zms/admin/edit-ticket.php in PHPGurukul Zoo Management System 1.0 via tickettype and tprice parameters.
- CVE-2022-27992Apr 8, 2022risk 0.00cvss —epss 0.02
Zoo Management System v1.0 was discovered to contain a SQL injection vulnerability at /public_html/animals via the class_id parameter.
- CVE-2022-27351Apr 8, 2022risk 0.00cvss —epss 0.03
Zoo Management System v1.0 was discovered to contain an arbitrary file upload vulnerability via /public_html/apply_vacancy. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.
- CVE-2020-25487Sep 22, 2020risk 0.00cvss —epss 0.01
PHPGURUKUL Zoo Management System Using PHP and MySQL version 1.0 is affected by: SQL Injection via zms/animal-detail.php.
Page 2 of 2