VYPR

Zoo Management System

by Phpgurukul

CVEs (32)

  • CVE-2024-5357May 26, 2024
    risk 0.00cvss epss 0.00

    A vulnerability has been found in PHPGurukul Zoo Management System 2.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/forgot-password.php. The manipulation of the argument email leads to sql injection. The attack can be…

  • CVE-2024-30986Apr 17, 2024
    risk 0.00cvss epss 0.00

    Cross Site Scripting vulnerability in /edit-services-details.php of phpgurukul Client Management System using PHP & MySQL 1.1 allows attackers to execute arbitrary code and via "price" and "sname" parameter.

  • CVE-2024-30989Apr 17, 2024
    risk 0.00cvss epss 0.00

    Cross Site Scripting vulnerability in /edit-client-details.php of phpgurukul Client Management System using PHP & MySQL 1.1 allows attackers to execute arbitrary code via the "cname", "comname", "state" and "city" parameter.

  • CVE-2024-30988Apr 17, 2024
    risk 0.00cvss epss 0.01

    Cross Site Scripting vulnerability in /search-invoices.php of phpgurukul Client Management System using PHP & MySQL 1.1 allows attackers to execute arbitrary code and obtain sensitive information via the Search bar.

  • CVE-2024-30990Apr 17, 2024
    risk 0.00cvss epss 0.01

    SQL Injection vulnerability in the "Invoices" page in phpgurukul Client Management System using PHP & MySQL 1.1 allows attacker to execute arbitrary SQL commands via "searchdata" parameter.

  • CVE-2024-30987Apr 17, 2024
    risk 0.00cvss epss 0.01

    Cross Site Scripting vulnerability in /bwdates-reports-ds.php of phpgurukul Client Management System using PHP & MySQL 1.1 allows attackers to execute arbitrary code and obtain sensitive information via the fromdate and todate parameters.

  • CVE-2024-30985Apr 17, 2024
    risk 0.00cvss epss 0.01

    SQL Injection vulnerability in "B/W Dates Reports" page in phpgurukul Client Management System using PHP & MySQL 1.1 allows attacker to execute arbitrary SQL commands via "todate" and "fromdate" parameters.

  • CVE-2024-25351Feb 28, 2024
    risk 0.00cvss epss 0.00

    SQL Injection vulnerability in /zms/admin/changeimage.php in PHPGurukul Zoo Management System 1.0 allows attackers to run arbitrary SQL commands via the editid parameter.

  • CVE-2024-25350Feb 28, 2024
    risk 0.00cvss epss 0.01

    SQL Injection vulnerability in /zms/admin/edit-ticket.php in PHPGurukul Zoo Management System 1.0 via tickettype and tprice parameters.

  • CVE-2022-27992Apr 8, 2022
    risk 0.00cvss epss 0.02

    Zoo Management System v1.0 was discovered to contain a SQL injection vulnerability at /public_html/animals via the class_id parameter.

  • CVE-2022-27351Apr 8, 2022
    risk 0.00cvss epss 0.03

    Zoo Management System v1.0 was discovered to contain an arbitrary file upload vulnerability via /public_html/apply_vacancy. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.

  • CVE-2020-25487Sep 22, 2020
    risk 0.00cvss epss 0.01

    PHPGURUKUL Zoo Management System Using PHP and MySQL version 1.0 is affected by: SQL Injection via zms/animal-detail.php.

Page 2 of 2