VYPR
Vendor

Phpgurukul

Products
63
CVEs
1,148
Across products
912
Status
Private

Products

63
View all 63 products →

Recent CVEs

1,148
View all 1,148 CVEs →
  • CVE-2026-37431CriMay 8, 2026
    risk 0.64cvss 9.8epss 0.00

    Beauty Parlour Management System v1.1 was discovered to contain a SQL injection vulnerability via the aptnumber parameter in the /appointment-detail.php endpoint. This vulnerability allows attackers to access sensitive database information via a crafted SQL statement.

  • CVE-2026-37345CriApr 16, 2026
    risk 0.64cvss 9.8epss 0.00

    SourceCodester Vehicle Parking Area Management System v1.0 is vulnerable to SQL Injection in the file /parking/manage_park.php.

  • CVE-2025-56214CriAug 25, 2025
    risk 0.64cvss 9.8epss 0.00

    phpgurukul Hospital Management System 4.0 is vulnerable to SQL Injection in index.php via the username parameter.

  • CVE-2025-56212CriAug 25, 2025
    risk 0.64cvss 9.8epss 0.00

    phpgurukul Hospital Management System 4.0 is vulnerable to SQL Injection in add-doctor.php via the docname parameter.

  • CVE-2026-39109CriApr 20, 2026
    risk 0.61cvss 9.4epss 0.00

    SQL Injection vulnerability in Apartment Visitors Management System Apartment Visitors Management System V1.1 within the username parameter of the login page (index.php). This allows an unauthenticated attacker to manipulate backend SQL queries during authentication and retrieve…

  • CVE-2025-57148CriSep 3, 2025
    risk 0.59cvss 9.1epss 0.00

    phpgurukul Online Shopping Portal 2.0 is vulnerable to Arbitrary File Upload in /admin/insert-product.php, due to the lack of extension validation.

  • CVE-2025-51414HigApr 13, 2026
    risk 0.57cvss 8.8epss 0.00

    In Phpgurukul Online Course Registration v3.1, an arbitrary file upload vulnerability was discovered within the profile picture upload functionality on the /my-profile.php page.

  • CVE-2025-57151HigSep 3, 2025
    risk 0.57cvss 8.8epss 0.01

    phpgurukul Complaint Management System 2.0 is vulnerable to Cross Site Scripting (XSS) in admin/userprofile.php via the fullname parameter.

  • CVE-2025-56216HigAug 25, 2025
    risk 0.55cvss 8.5epss 0.00

    phpgurukul Hospital Management System 4.0 is vulnerable to SQL Injection in about-us.php via the pagetitle parameter.

  • CVE-2026-39110HigApr 20, 2026
    risk 0.53cvss 8.2epss 0.00

    SQL Injection vulnerability in Apartment Visitors Management System Apartment Visitors Management System V1.1 in the contactno parameter of the forgot password page (forgot-password.php). This allows an unauthenticated attacker to manipulate backend SQL queries during…

  • CVE-2025-57146HigSep 3, 2025
    risk 0.53cvss 8.1epss 0.00

    phpgurukul Complaint Management System in PHP 2.0 is vulnerable to SQL Injection in user/reset-password.php via the mobileno parameter.

  • CVE-2026-39111HigApr 20, 2026
    risk 0.49cvss 7.5epss 0.00

    SQL Injection vulnerability in Apartment Visitors Management System Apartment Visitors Management System V1.1 in the email parameter of the forgot password page (forgot-password.php). This allows an unauthenticated attacker to manipulate backend SQL queries and retrieve…

  • CVE-2025-57147HigSep 3, 2025
    risk 0.49cvss 7.5epss 0.00

    A SQL Injection vulnerability was found in phpgurukul Complaint Management System 2.0. The vulnerability is due to lack of input validation of multiple parameters including fullname, email, and contactno in user/registration.php.

  • CVE-2025-7160HigJul 8, 2025
    risk 0.48cvss 7.3epss 0.02

    A vulnerability classified as critical has been found in PHPGurukul Zoo Management System 2.1. This affects an unknown part of the file /admin/index.php. The manipulation of the argument Username leads to sql injection. It is possible to initiate the attack remotely. The exploit…

  • CVE-2026-37344HigApr 16, 2026
    risk 0.47cvss 7.2epss 0.00

    SourceCodester Vehicle Parking Area Management System v1.0 is vulnerable to SQL Injection in the file /parking/manage_location.php.

  • CVE-2026-37343HigApr 16, 2026
    risk 0.47cvss 7.2epss 0.00

    SourceCodester Vehicle Parking Area Management System v1.0 is vulnerable to SQL Injection in the file /parking/manage_user.php.

  • CVE-2026-37342HigApr 16, 2026
    risk 0.47cvss 7.2epss 0.00

    SourceCodester Vehicle Parking Area Management System v1.0 is vulnerable to SQL Injection in the file /parking/view_parked_details.php.

  • CVE-2026-37341HigApr 16, 2026
    risk 0.47cvss 7.2epss 0.00

    SourceCodester Vehicle Parking Area Management System v1.0 is vulnerable to SQL Injection in the file /parking/manage_category.php.

  • CVE-2026-6193HigApr 13, 2026
    risk 0.47cvss 7.3epss 0.00

    A security flaw has been discovered in PHPGurukul Daily Expense Tracking System 1.1. Affected is an unknown function of the file /register.php. The manipulation of the argument email results in sql injection. The attack may be launched remotely. The exploit has been released to…

  • CVE-2026-5837HigApr 9, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was found in PHPGurukul News Portal Project 4.1. This affects an unknown part of the file /news-details.php. The manipulation of the argument Comment results in sql injection. The attack can be launched remotely. The exploit has been made public and could be used.