Phpgurukul
Products
63- 60 CVEs
- 59 CVEs
- 48 CVEs
- 45 CVEs
- 42 CVEs
- 42 CVEs
- 35 CVEs
- 33 CVEs
- 32 CVEs
- 32 CVEs
- 32 CVEs
- 31 CVEs
- 30 CVEs
- 30 CVEs
- 30 CVEs
- 29 CVEs
- 25 CVEs
- 25 CVEs
- 25 CVEs
- 24 CVEs
- 24 CVEs
- 24 CVEs
- 21 CVEs
- 21 CVEs
- 21 CVEs
- 21 CVEs
- 20 CVEs
- 18 CVEs
- 17 CVEs
- 16 CVEs
- View all 63 products →
Recent CVEs
1,148| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-37431 | Cri | 0.64 | 9.8 | 0.00 | May 8, 2026 | Beauty Parlour Management System v1.1 was discovered to contain a SQL injection vulnerability via the aptnumber parameter in the /appointment-detail.php endpoint. This vulnerability allows attackers to access sensitive database information via a crafted SQL statement. | ||
| CVE-2026-37345 | Cri | 0.64 | 9.8 | 0.00 | Apr 16, 2026 | SourceCodester Vehicle Parking Area Management System v1.0 is vulnerable to SQL Injection in the file /parking/manage_park.php. | ||
| CVE-2025-56214 | Cri | 0.64 | 9.8 | 0.00 | Aug 25, 2025 | phpgurukul Hospital Management System 4.0 is vulnerable to SQL Injection in index.php via the username parameter. | ||
| CVE-2025-56212 | Cri | 0.64 | 9.8 | 0.00 | Aug 25, 2025 | phpgurukul Hospital Management System 4.0 is vulnerable to SQL Injection in add-doctor.php via the docname parameter. | ||
| CVE-2026-39109 | Cri | 0.61 | 9.4 | 0.00 | Apr 20, 2026 | SQL Injection vulnerability in Apartment Visitors Management System Apartment Visitors Management System V1.1 within the username parameter of the login page (index.php). This allows an unauthenticated attacker to manipulate backend SQL queries during authentication and retrieve… | ||
| CVE-2025-57148 | Cri | 0.59 | 9.1 | 0.00 | Sep 3, 2025 | phpgurukul Online Shopping Portal 2.0 is vulnerable to Arbitrary File Upload in /admin/insert-product.php, due to the lack of extension validation. | ||
| CVE-2025-51414 | Hig | 0.57 | 8.8 | 0.00 | Apr 13, 2026 | In Phpgurukul Online Course Registration v3.1, an arbitrary file upload vulnerability was discovered within the profile picture upload functionality on the /my-profile.php page. | ||
| CVE-2025-57151 | Hig | 0.57 | 8.8 | 0.01 | Sep 3, 2025 | phpgurukul Complaint Management System 2.0 is vulnerable to Cross Site Scripting (XSS) in admin/userprofile.php via the fullname parameter. | ||
| CVE-2025-56216 | Hig | 0.55 | 8.5 | 0.00 | Aug 25, 2025 | phpgurukul Hospital Management System 4.0 is vulnerable to SQL Injection in about-us.php via the pagetitle parameter. | ||
| CVE-2026-39110 | Hig | 0.53 | 8.2 | 0.00 | Apr 20, 2026 | SQL Injection vulnerability in Apartment Visitors Management System Apartment Visitors Management System V1.1 in the contactno parameter of the forgot password page (forgot-password.php). This allows an unauthenticated attacker to manipulate backend SQL queries during… | ||
| CVE-2025-57146 | Hig | 0.53 | 8.1 | 0.00 | Sep 3, 2025 | phpgurukul Complaint Management System in PHP 2.0 is vulnerable to SQL Injection in user/reset-password.php via the mobileno parameter. | ||
| CVE-2026-39111 | Hig | 0.49 | 7.5 | 0.00 | Apr 20, 2026 | SQL Injection vulnerability in Apartment Visitors Management System Apartment Visitors Management System V1.1 in the email parameter of the forgot password page (forgot-password.php). This allows an unauthenticated attacker to manipulate backend SQL queries and retrieve… | ||
| CVE-2025-57147 | Hig | 0.49 | 7.5 | 0.00 | Sep 3, 2025 | A SQL Injection vulnerability was found in phpgurukul Complaint Management System 2.0. The vulnerability is due to lack of input validation of multiple parameters including fullname, email, and contactno in user/registration.php. | ||
| CVE-2025-7160 | Hig | 0.48 | 7.3 | 0.02 | Jul 8, 2025 | A vulnerability classified as critical has been found in PHPGurukul Zoo Management System 2.1. This affects an unknown part of the file /admin/index.php. The manipulation of the argument Username leads to sql injection. It is possible to initiate the attack remotely. The exploit… | ||
| CVE-2026-37344 | Hig | 0.47 | 7.2 | 0.00 | Apr 16, 2026 | SourceCodester Vehicle Parking Area Management System v1.0 is vulnerable to SQL Injection in the file /parking/manage_location.php. | ||
| CVE-2026-37343 | Hig | 0.47 | 7.2 | 0.00 | Apr 16, 2026 | SourceCodester Vehicle Parking Area Management System v1.0 is vulnerable to SQL Injection in the file /parking/manage_user.php. | ||
| CVE-2026-37342 | Hig | 0.47 | 7.2 | 0.00 | Apr 16, 2026 | SourceCodester Vehicle Parking Area Management System v1.0 is vulnerable to SQL Injection in the file /parking/view_parked_details.php. | ||
| CVE-2026-37341 | Hig | 0.47 | 7.2 | 0.00 | Apr 16, 2026 | SourceCodester Vehicle Parking Area Management System v1.0 is vulnerable to SQL Injection in the file /parking/manage_category.php. | ||
| CVE-2026-6193 | Hig | 0.47 | 7.3 | 0.00 | Apr 13, 2026 | A security flaw has been discovered in PHPGurukul Daily Expense Tracking System 1.1. Affected is an unknown function of the file /register.php. The manipulation of the argument email results in sql injection. The attack may be launched remotely. The exploit has been released to… | ||
| CVE-2026-5837 | Hig | 0.47 | 7.3 | 0.00 | Apr 9, 2026 | A vulnerability was found in PHPGurukul News Portal Project 4.1. This affects an unknown part of the file /news-details.php. The manipulation of the argument Comment results in sql injection. The attack can be launched remotely. The exploit has been made public and could be used. |
- risk 0.64cvss 9.8epss 0.00
Beauty Parlour Management System v1.1 was discovered to contain a SQL injection vulnerability via the aptnumber parameter in the /appointment-detail.php endpoint. This vulnerability allows attackers to access sensitive database information via a crafted SQL statement.
- risk 0.64cvss 9.8epss 0.00
SourceCodester Vehicle Parking Area Management System v1.0 is vulnerable to SQL Injection in the file /parking/manage_park.php.
- risk 0.64cvss 9.8epss 0.00
phpgurukul Hospital Management System 4.0 is vulnerable to SQL Injection in index.php via the username parameter.
- risk 0.64cvss 9.8epss 0.00
phpgurukul Hospital Management System 4.0 is vulnerable to SQL Injection in add-doctor.php via the docname parameter.
- risk 0.61cvss 9.4epss 0.00
SQL Injection vulnerability in Apartment Visitors Management System Apartment Visitors Management System V1.1 within the username parameter of the login page (index.php). This allows an unauthenticated attacker to manipulate backend SQL queries during authentication and retrieve…
- risk 0.59cvss 9.1epss 0.00
phpgurukul Online Shopping Portal 2.0 is vulnerable to Arbitrary File Upload in /admin/insert-product.php, due to the lack of extension validation.
- risk 0.57cvss 8.8epss 0.00
In Phpgurukul Online Course Registration v3.1, an arbitrary file upload vulnerability was discovered within the profile picture upload functionality on the /my-profile.php page.
- risk 0.57cvss 8.8epss 0.01
phpgurukul Complaint Management System 2.0 is vulnerable to Cross Site Scripting (XSS) in admin/userprofile.php via the fullname parameter.
- risk 0.55cvss 8.5epss 0.00
phpgurukul Hospital Management System 4.0 is vulnerable to SQL Injection in about-us.php via the pagetitle parameter.
- risk 0.53cvss 8.2epss 0.00
SQL Injection vulnerability in Apartment Visitors Management System Apartment Visitors Management System V1.1 in the contactno parameter of the forgot password page (forgot-password.php). This allows an unauthenticated attacker to manipulate backend SQL queries during…
- risk 0.53cvss 8.1epss 0.00
phpgurukul Complaint Management System in PHP 2.0 is vulnerable to SQL Injection in user/reset-password.php via the mobileno parameter.
- risk 0.49cvss 7.5epss 0.00
SQL Injection vulnerability in Apartment Visitors Management System Apartment Visitors Management System V1.1 in the email parameter of the forgot password page (forgot-password.php). This allows an unauthenticated attacker to manipulate backend SQL queries and retrieve…
- risk 0.49cvss 7.5epss 0.00
A SQL Injection vulnerability was found in phpgurukul Complaint Management System 2.0. The vulnerability is due to lack of input validation of multiple parameters including fullname, email, and contactno in user/registration.php.
- risk 0.48cvss 7.3epss 0.02
A vulnerability classified as critical has been found in PHPGurukul Zoo Management System 2.1. This affects an unknown part of the file /admin/index.php. The manipulation of the argument Username leads to sql injection. It is possible to initiate the attack remotely. The exploit…
- risk 0.47cvss 7.2epss 0.00
SourceCodester Vehicle Parking Area Management System v1.0 is vulnerable to SQL Injection in the file /parking/manage_location.php.
- risk 0.47cvss 7.2epss 0.00
SourceCodester Vehicle Parking Area Management System v1.0 is vulnerable to SQL Injection in the file /parking/manage_user.php.
- risk 0.47cvss 7.2epss 0.00
SourceCodester Vehicle Parking Area Management System v1.0 is vulnerable to SQL Injection in the file /parking/view_parked_details.php.
- risk 0.47cvss 7.2epss 0.00
SourceCodester Vehicle Parking Area Management System v1.0 is vulnerable to SQL Injection in the file /parking/manage_category.php.
- risk 0.47cvss 7.3epss 0.00
A security flaw has been discovered in PHPGurukul Daily Expense Tracking System 1.1. Affected is an unknown function of the file /register.php. The manipulation of the argument email results in sql injection. The attack may be launched remotely. The exploit has been released to…
- risk 0.47cvss 7.3epss 0.00
A vulnerability was found in PHPGurukul News Portal Project 4.1. This affects an unknown part of the file /news-details.php. The manipulation of the argument Comment results in sql injection. The attack can be launched remotely. The exploit has been made public and could be used.