VYPR

Medical Card Generation System

by Phpgurukul

CVEs (20)

  • CVE-2025-2378HigMar 17, 2025
    risk 0.47cvss 7.3epss 0.01

    A vulnerability was found in PHPGurukul Medical Card Generation System 1.0. It has been classified as critical. This affects an unknown part of the file /download-medical-cards.php. The manipulation of the argument searchdata leads to sql injection. It is possible to initiate…

  • CVE-2025-50370MedJun 27, 2025
    risk 0.42cvss 6.5epss 0.00

    A Cross-Site Request Forgery (CSRF) vulnerability exists in the Inquiry Management functionality /mcgs/admin/readenq.php of the Phpgurukul Medical Card Generation System 1.0. The vulnerable endpoint allows an authenticated admin to delete inquiry records via a simple GET…

  • CVE-2025-50369MedJun 27, 2025
    risk 0.42cvss 6.5epss 0.00

    A Cross-Site Request Forgery (CSRF) vulnerability exists in the Manage Card functionality (/mcgs/admin/manage-card.php) of PHPGurukul Medical Card Generation System 1.0. The vulnerable endpoint allows an authorized admin to delete medical card records by sending a simple GET…

  • CVE-2025-5670MedJun 5, 2025
    risk 0.41cvss 6.3epss 0.00

    A vulnerability, which was classified as critical, has been found in PHPGurukul Medical Card Generation System 1.0. This issue affects some unknown processing of the file /admin/manage-card.php. The manipulation of the argument ID leads to sql injection. The attack may be…

  • CVE-2025-5669MedJun 5, 2025
    risk 0.41cvss 6.3epss 0.00

    A vulnerability classified as critical was found in PHPGurukul Medical Card Generation System 1.0. This vulnerability affects unknown code of the file /admin/unreadenq.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The…

  • CVE-2025-5668MedJun 5, 2025
    risk 0.41cvss 6.3epss 0.00

    A vulnerability classified as critical has been found in PHPGurukul Medical Card Generation System 1.0. This affects an unknown part of the file /admin/readenq.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The…

  • CVE-2025-50367MedJun 27, 2025
    risk 0.40cvss 6.1epss 0.00

    A stored blind XSS vulnerability exists in the Contact Page of the Phpgurukul Medical Card Generation System 1.0 mcgs/contact.php. The name field fails to properly sanitize user input, allowing an attacker to inject malicious JavaScript.

  • CVE-2024-51099MedMay 23, 2025
    risk 0.40cvss 6.1epss 0.00

    A reflected cross-site scripting (XSS) vulnerability in the component mcgs/download-medical-cards.php of PHPGURUKUL Medical Card Generation System using PHP and MySQL v1.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted…

  • CVE-2024-48704MedMay 23, 2025
    risk 0.40cvss 6.1epss 0.00

    Phpgurukul Medical Card Generation System v1.0 is vulnerable to HTML Injection in admin/contactus.php via the parameter pagedes.

  • CVE-2024-51108MedMay 23, 2025
    risk 0.35cvss 5.4epss 0.00

    Multiple stored cross-site scripting (XSS) vulnerabilities in the component /admin/card-bwdates-report.php of PHPGURUKUL Medical Card Generation System using PHP and MySQL v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the…

  • CVE-2024-51107MedMay 23, 2025
    risk 0.31cvss 4.8epss 0.00

    Multiple stored cross-site scripting (XSS) vulnerabilities in the component /mcgs/admin/contactus.php of PHPGURUKUL Medical Card Generation System using PHP and MySQL v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the…

  • CVE-2024-48703MedDec 6, 2024
    risk 0.31cvss 4.8epss 0.00

    PhpGurukul Medical Card Generation System v1.0 is vulnerable to Cross Site Scripting (XSS) in /admin/search-medicalcard.php via the searchdata parameter.

  • CVE-2024-10301MedOct 23, 2024
    risk 0.31cvss 4.7epss 0.00

    A vulnerability, which was classified as critical, was found in PHPGurukul Medical Card Generation System 1.0. Affected is an unknown function of the file /admin/search-medicalcard.php of the component Search. The manipulation of the argument searchdata leads to sql injection.…

  • CVE-2024-10300MedOct 23, 2024
    risk 0.31cvss 4.7epss 0.00

    A vulnerability, which was classified as critical, has been found in PHPGurukul Medical Card Generation System 1.0. This issue affects some unknown processing of the file /admin/view-enquiry.php of the component View Enquiry Page. The manipulation of the argument viewid leads to…

  • CVE-2024-10299MedOct 23, 2024
    risk 0.31cvss 4.7epss 0.00

    A vulnerability classified as critical was found in PHPGurukul Medical Card Generation System 1.0. This vulnerability affects unknown code of the file /admin/view-card-detail.php of the component Managecard View Detail Page. The manipulation of the argument viewid leads to sql…

  • CVE-2024-10298MedOct 23, 2024
    risk 0.31cvss 4.7epss 0.00

    A vulnerability classified as critical has been found in PHPGurukul Medical Card Generation System 1.0. This affects an unknown part of the file /admin/edit-card-detail.php of the component Managecard Edit Card Detail Page. The manipulation of the argument editid leads to sql…

  • CVE-2024-10297MedOct 23, 2024
    risk 0.31cvss 4.7epss 0.00

    A vulnerability was found in PHPGurukul Medical Card Generation System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/changeimage.php of the component Managecard Edit Image Page. The manipulation of the argument editid…

  • CVE-2024-10296MedOct 23, 2024
    risk 0.31cvss 4.7epss 0.00

    A vulnerability was found in PHPGurukul Medical Card Generation System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/card-bwdates-reports-details.php of the component Report of Medical Card Page. The…

  • CVE-2024-51106MedMay 19, 2025
    risk 0.30cvss 4.6epss 0.00

    A cross-site scripting (XSS) vulnerability in the component mcgs/admin/aboutus.php of PHPGURUKUL Medical Card Generation System using PHP and MySQL v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the pagetitle parameter.

  • CVE-2025-2650LowMar 23, 2025
    risk 0.23cvss 3.5epss 0.00

    A vulnerability, which was classified as problematic, has been found in PHPGurukul Medical Card Generation System 1.0. This issue affects some unknown processing of the file /download-medical-cards.php. The manipulation of the argument searchdata leads to cross site scripting.…