VYPR

Online Library Management System

by Phpgurukul

CVEs (15)

  • CVE-2025-7600MedJul 14, 2025
    risk 0.41cvss 6.3epss 0.00

    A vulnerability, which was classified as critical, was found in PHPGurukul Online Library Management System 3.0. This affects an unknown part of the file /admin/student-history.php. The manipulation of the argument stdid leads to sql injection. It is possible to initiate the…

  • CVE-2026-6000MedApr 10, 2026
    risk 0.28cvss 4.3epss 0.00

    A vulnerability was found in code-projects Online Library Management System 1.0. Affected is an unknown function of the file /sql/library.sql of the component SQL Database Backup File Handler. Performing a manipulation results in information disclosure. The attack may be…

  • CVE-2025-7601LowJul 14, 2025
    risk 0.23cvss 3.5epss 0.00

    A vulnerability has been found in PHPGurukul Online Library Management System 3.0 and classified as problematic. This vulnerability affects unknown code of the file /admin/student-history.php. The manipulation of the argument stdid leads to cross site scripting. The attack can…

  • CVE-2020-28130Nov 17, 2020
    risk 0.01cvss epss 0.06

    An Arbitrary File Upload in the Upload Image component in SourceCodester Online Library Management System 1.0 allows the user to conduct remote code execution via admin/borrower/index.php?view=add because .php files can be uploaded to admin/borrower/photos (under the web root).

  • CVE-2025-57118Sep 15, 2025
    risk 0.00cvss epss 0.01

    An issue in PHPGurukul Online-Library-Management-System v3.0 allows an attacker to escalate privileges via the index.php

  • CVE-2025-50488Jul 28, 2025
    risk 0.00cvss epss 0.00

    Improper session invalidation in the component /library/change-password.php of PHPGurukul Online Library Management System v3.0 allows attackers to execute a session hijacking attack.

  • CVE-2025-50693Jun 24, 2025
    risk 0.00cvss epss 0.00

    PHPGurukul Online DJ Booking Management System 2.0 is vulnerable to Insecure Direct Object Reference (IDOR) in odms/request-details.php.

  • CVE-2025-50695Jun 24, 2025
    risk 0.00cvss epss 0.00

    PHPGurukul Online DJ Booking Management System 2.0 is vulnerable to Cross Site Scripting (XSS) in /admin/view-booking-detail.php and /admin/invoice-generating.php.

  • CVE-2025-50699Jun 24, 2025
    risk 0.00cvss epss 0.00

    PHPGurukul Online DJ Booking Management System 2.0 is vulnerable to Cross Site Scripting (XSS) in odms/admin/view-user-queries.php.

  • CVE-2025-4263May 5, 2025
    risk 0.00cvss epss 0.00

    A vulnerability was found in PHPGurukul Online DJ Booking Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/booking-search.php. The manipulation of the argument searchdata leads to sql injection. The attack may be…

  • CVE-2025-4262May 5, 2025
    risk 0.00cvss epss 0.00

    A vulnerability was found in PHPGurukul Online DJ Booking Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/user-search.php. The manipulation of the argument searchdata leads to sql injection. The attack can be…

  • CVE-2025-4214May 2, 2025
    risk 0.00cvss epss 0.00

    A vulnerability was found in PHPGuruku Online DJ Booking Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/booking-bwdates-reports-details.php. The manipulation of the argument fromdate leads to sql injection. The…

  • CVE-2025-2093Mar 7, 2025
    risk 0.00cvss epss 0.00

    A vulnerability was found in PHPGurukul Online Library Management System 3.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /change-password.php. The manipulation of the argument email/phone number leads to weak…

  • CVE-2024-51076Oct 29, 2024
    risk 0.00cvss epss 0.00

    A Reflected Cross Site Scripting (XSS) vulnerability was found in /odms/admin/booking-search.php in PHPGurukul Online DJ Booking Management System 1.0, which allows remote attackers to execute arbitrary code via the "searchdata" parameter.

  • CVE-2024-51075Oct 29, 2024
    risk 0.00cvss epss 0.00

    A Reflected Cross Site Scripting (XSS) vulnerability was found in /odms/admin/user-search.php in PHPGurukul Online DJ Booking Management System v1.0, which allows remote attackers to execute arbitrary code via the searchdata parameter.