VYPR

Vendor CVEs

Phpgurukul

All CVEs

1,148 total · sorted by risk
  • CVE-2026-37431CriMay 8, 2026
    risk 0.64cvss 9.8epss 0.00

    Beauty Parlour Management System v1.1 was discovered to contain a SQL injection vulnerability via the aptnumber parameter in the /appointment-detail.php endpoint. This vulnerability allows attackers to access sensitive database information via a crafted SQL statement.

  • CVE-2026-37345CriApr 16, 2026
    risk 0.64cvss 9.8epss 0.00

    SourceCodester Vehicle Parking Area Management System v1.0 is vulnerable to SQL Injection in the file /parking/manage_park.php.

  • CVE-2025-56214CriAug 25, 2025
    risk 0.64cvss 9.8epss 0.00

    phpgurukul Hospital Management System 4.0 is vulnerable to SQL Injection in index.php via the username parameter.

  • CVE-2025-56212CriAug 25, 2025
    risk 0.64cvss 9.8epss 0.00

    phpgurukul Hospital Management System 4.0 is vulnerable to SQL Injection in add-doctor.php via the docname parameter.

  • CVE-2026-39109CriApr 20, 2026
    risk 0.61cvss 9.4epss 0.00

    SQL Injection vulnerability in Apartment Visitors Management System Apartment Visitors Management System V1.1 within the username parameter of the login page (index.php). This allows an unauthenticated attacker to manipulate backend SQL queries during authentication and retrieve…

  • CVE-2025-57148CriSep 3, 2025
    risk 0.59cvss 9.1epss 0.00

    phpgurukul Online Shopping Portal 2.0 is vulnerable to Arbitrary File Upload in /admin/insert-product.php, due to the lack of extension validation.

  • CVE-2025-51414HigApr 13, 2026
    risk 0.57cvss 8.8epss 0.00

    In Phpgurukul Online Course Registration v3.1, an arbitrary file upload vulnerability was discovered within the profile picture upload functionality on the /my-profile.php page.

  • CVE-2025-57151HigSep 3, 2025
    risk 0.57cvss 8.8epss 0.01

    phpgurukul Complaint Management System 2.0 is vulnerable to Cross Site Scripting (XSS) in admin/userprofile.php via the fullname parameter.

  • CVE-2025-56216HigAug 25, 2025
    risk 0.55cvss 8.5epss 0.00

    phpgurukul Hospital Management System 4.0 is vulnerable to SQL Injection in about-us.php via the pagetitle parameter.

  • CVE-2026-39110HigApr 20, 2026
    risk 0.53cvss 8.2epss 0.00

    SQL Injection vulnerability in Apartment Visitors Management System Apartment Visitors Management System V1.1 in the contactno parameter of the forgot password page (forgot-password.php). This allows an unauthenticated attacker to manipulate backend SQL queries during…

  • CVE-2025-57146HigSep 3, 2025
    risk 0.53cvss 8.1epss 0.00

    phpgurukul Complaint Management System in PHP 2.0 is vulnerable to SQL Injection in user/reset-password.php via the mobileno parameter.

  • CVE-2026-39111HigApr 20, 2026
    risk 0.49cvss 7.5epss 0.00

    SQL Injection vulnerability in Apartment Visitors Management System Apartment Visitors Management System V1.1 in the email parameter of the forgot password page (forgot-password.php). This allows an unauthenticated attacker to manipulate backend SQL queries and retrieve…

  • CVE-2025-57147HigSep 3, 2025
    risk 0.49cvss 7.5epss 0.00

    A SQL Injection vulnerability was found in phpgurukul Complaint Management System 2.0. The vulnerability is due to lack of input validation of multiple parameters including fullname, email, and contactno in user/registration.php.

  • CVE-2025-7160HigJul 8, 2025
    risk 0.48cvss 7.3epss 0.02

    A vulnerability classified as critical has been found in PHPGurukul Zoo Management System 2.1. This affects an unknown part of the file /admin/index.php. The manipulation of the argument Username leads to sql injection. It is possible to initiate the attack remotely. The exploit…

  • CVE-2026-37344HigApr 16, 2026
    risk 0.47cvss 7.2epss 0.00

    SourceCodester Vehicle Parking Area Management System v1.0 is vulnerable to SQL Injection in the file /parking/manage_location.php.

  • CVE-2026-37343HigApr 16, 2026
    risk 0.47cvss 7.2epss 0.00

    SourceCodester Vehicle Parking Area Management System v1.0 is vulnerable to SQL Injection in the file /parking/manage_user.php.

  • CVE-2026-37342HigApr 16, 2026
    risk 0.47cvss 7.2epss 0.00

    SourceCodester Vehicle Parking Area Management System v1.0 is vulnerable to SQL Injection in the file /parking/view_parked_details.php.

  • CVE-2026-37341HigApr 16, 2026
    risk 0.47cvss 7.2epss 0.00

    SourceCodester Vehicle Parking Area Management System v1.0 is vulnerable to SQL Injection in the file /parking/manage_category.php.

  • CVE-2026-6193HigApr 13, 2026
    risk 0.47cvss 7.3epss 0.00

    A security flaw has been discovered in PHPGurukul Daily Expense Tracking System 1.1. Affected is an unknown function of the file /register.php. The manipulation of the argument email results in sql injection. The attack may be launched remotely. The exploit has been released to…

  • CVE-2026-5837HigApr 9, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was found in PHPGurukul News Portal Project 4.1. This affects an unknown part of the file /news-details.php. The manipulation of the argument Comment results in sql injection. The attack can be launched remotely. The exploit has been made public and could be used.

  • CVE-2026-5814HigApr 9, 2026
    risk 0.47cvss 7.3epss 0.00

    A security vulnerability has been detected in PHPGurukul Online Course Registration 3.1. This issue affects some unknown processing of the file /admin/check_availability.php. The manipulation of the argument regno leads to sql injection. The attack can be initiated remotely. The…

  • CVE-2026-3164HigFeb 25, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was found in itsourcecode News Portal Project 1.0. This issue affects some unknown processing of the file /admin/contactus.php. The manipulation of the argument pagetitle results in sql injection. It is possible to launch the attack remotely. The exploit has been…

  • CVE-2026-3135HigFeb 25, 2026
    risk 0.47cvss 7.3epss 0.00

    A weakness has been identified in itsourcecode News Portal Project 1.0. The impacted element is an unknown function of the file /admin/add-category.php. This manipulation of the argument Category causes sql injection. It is possible to initiate the attack remotely. The exploit…

  • CVE-2026-3134HigFeb 25, 2026
    risk 0.47cvss 7.3epss 0.00

    A security flaw has been discovered in itsourcecode News Portal Project 1.0. The affected element is an unknown function of the file /newsportal/admin/edit-category.php. The manipulation of the argument Category results in sql injection. The attack may be performed from remote.…

  • CVE-2026-2225HigFeb 9, 2026
    risk 0.47cvss 7.3epss 0.00

    A flaw has been found in itsourcecode News Portal Project 1.0. This vulnerability affects unknown code of the file /admin/index.php of the component Administrator Login. This manipulation of the argument email causes sql injection. The attack can be initiated remotely. The…

  • CVE-2026-2161HigFeb 8, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was found in itsourcecode Directory Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/forget-password.php. The manipulation of the argument email results in sql injection. The attack can be launched remotely. The…

  • CVE-2026-2088HigFeb 7, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability has been found in PHPGurukul Beauty Parlour Management System 1.1. This affects an unknown part of the file /admin/accepted-appointment.php. Such manipulation of the argument delid leads to sql injection. The attack may be launched remotely. The exploit has been…

  • CVE-2026-1688HigJan 30, 2026
    risk 0.47cvss 7.3epss 0.00

    A security vulnerability has been detected in itsourcecode Directory Management System 1.0. The affected element is an unknown function of the file /admin/index.php. The manipulation of the argument Username leads to sql injection. The attack can be initiated remotely. The…

  • CVE-2026-1160HigJan 19, 2026
    risk 0.47cvss 7.3epss 0.00

    A security vulnerability has been detected in PHPGurukul Directory Management System 1.0. Impacted is an unknown function of the file /index.php of the component Search. The manipulation of the argument searchdata leads to sql injection. The attack may be initiated remotely. The…

  • CVE-2025-13247HigNov 16, 2025
    risk 0.47cvss 7.3epss 0.00

    A security flaw has been discovered in PHPGurukul Tourism Management System 1.0. The affected element is an unknown function of the file /admin/user-bookings.php. The manipulation of the argument uid results in sql injection. It is possible to launch the attack remotely. The…

  • CVE-2025-11507HigOct 8, 2025
    risk 0.47cvss 7.3epss 0.00

    A weakness has been identified in PHPGurukul Beauty Parlour Management System 1.1. The impacted element is an unknown function of the file /admin/search-invoices.php. This manipulation of the argument searchdata causes sql injection. The attack can be initiated remotely. The…

  • CVE-2025-11506HigOct 8, 2025
    risk 0.47cvss 7.3epss 0.00

    A security flaw has been discovered in PHPGurukul Beauty Parlour Management System 1.1. The affected element is an unknown function of the file /admin/search-appointment.php. The manipulation of the argument searchdata results in sql injection. It is possible to launch the…

  • CVE-2025-11505HigOct 8, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was identified in PHPGurukul Beauty Parlour Management System 1.1. Impacted is an unknown function of the file /admin/new-appointment.php. The manipulation of the argument delid leads to sql injection. It is possible to initiate the attack remotely. The exploit…

  • CVE-2025-11503HigOct 8, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was determined in PHPGurukul Beauty Parlour Management System 1.1. This issue affects some unknown processing of the file /admin/manage-services.php. Executing a manipulation of the argument delid can lead to sql injection. The attack may be performed from…

  • CVE-2025-11416HigOct 7, 2025
    risk 0.47cvss 7.3epss 0.00

    A security flaw has been discovered in PHPGurukul Beauty Parlour Management System 1.1. This affects an unknown part of the file /admin/invoices.php. Performing a manipulation of the argument delid results in sql injection. The attack can be initiated remotely. The exploit has…

  • CVE-2025-11415HigOct 7, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was identified in PHPGurukul Beauty Parlour Management System 1.1. Affected by this issue is some unknown functionality of the file /admin/customer-list.php. Such manipulation of the argument delid leads to sql injection. It is possible to launch the attack…

  • CVE-2025-11329HigOct 6, 2025
    risk 0.47cvss 7.3epss 0.00

    A flaw has been found in code-projects Online Course Registration 1.0. Impacted is an unknown function of the file /admin/manage-students.php. This manipulation of the argument ID causes sql injection. The attack can be initiated remotely. The exploit has been published and may…

  • CVE-2025-11053HigSep 27, 2025
    risk 0.47cvss 7.3epss 0.00

    A weakness has been identified in PHPGurukul Small CRM 4.0. This affects an unknown function of the file /forgot-password.php. Executing manipulation of the argument email can lead to sql injection. The attack can be launched remotely. The exploit has been made available to the…

  • CVE-2025-10833HigSep 23, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was determined in 1000projects Bookstore Management System 1.0. The impacted element is an unknown function of the file /login.php. This manipulation of the argument unm causes sql injection. It is possible to initiate the attack remotely. The exploit has been…

  • CVE-2025-10664HigSep 18, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was determined in PHPGurukul Small CRM 4.0. This impacts an unknown function of the file /create-ticket.php. Executing manipulation of the argument subject can lead to sql injection. The attack may be launched remotely. The exploit has been publicly disclosed and…

  • CVE-2025-10663HigSep 18, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was found in PHPGurukul Online Course Registration 3.1. This affects an unknown function of the file /my-profile.php. Performing manipulation of the argument cgpa results in sql injection. The attack may be initiated remotely. The exploit has been made public and…

  • CVE-2025-10624HigSep 17, 2025
    risk 0.47cvss 7.3epss 0.00

    A security flaw has been discovered in PHPGurukul User Management System 1.0. This affects an unknown function of the file /login.php. Performing manipulation of the argument emailid results in sql injection. The attack can be initiated remotely. The exploit has been released to…

  • CVE-2025-10459HigSep 15, 2025
    risk 0.47cvss 7.3epss 0.00

    A security flaw has been discovered in PHPGurukul Beauty Parlour Management System 1.1. This affects an unknown part of the file /admin/all-appointment.php. The manipulation of the argument delid results in sql injection. The attack can be executed remotely. The exploit has been…

  • CVE-2025-10425HigSep 15, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was identified in 1000projects Online Student Project Report Submission and Evaluation System 1.0. The impacted element is an unknown function of the file /admin/controller/student_controller.php. Such manipulation of the argument new_image leads to unrestricted…

  • CVE-2025-10424HigSep 15, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was determined in 1000projects Online Student Project Report Submission and Evaluation System 1.0. The affected element is an unknown function of the file /admin/controller/faculty_controller.php. This manipulation of the argument new_image causes unrestricted…

  • CVE-2025-10403HigSep 14, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability has been found in PHPGurukul Beauty Parlour Management System 1.1. This affects an unknown function of the file /admin/view-enquiry.php. The manipulation of the argument viewid leads to sql injection. The attack is possible to be carried out remotely. The exploit…

  • CVE-2025-10402HigSep 14, 2025
    risk 0.47cvss 7.3epss 0.00

    A flaw has been found in PHPGurukul Beauty Parlour Management System 1.1. The impacted element is an unknown function of the file /admin/readenq.php. Executing manipulation of the argument delid can lead to sql injection. The attack can be executed remotely. The exploit has been…

  • CVE-2025-10114HigSep 9, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was found in PHPGurukul Small CRM 4.0. Affected by this issue is some unknown functionality of the file /profile.php. The manipulation of the argument Name results in sql injection. The attack can be launched remotely. The exploit has been made public and could…

  • CVE-2025-10079HigSep 8, 2025
    risk 0.47cvss 7.3epss 0.00

    A flaw has been found in PHPGurukul Small CRM 4.0. Affected by this vulnerability is an unknown functionality of the file /get-quote.php. Executing manipulation of the argument Contact can lead to sql injection. The attack can be executed remotely. The exploit has been published…

  • CVE-2025-10025HigSep 5, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability has been found in PHPGurukul Online Course Registration 3.1. Affected is an unknown function of the file /admin/semester.php. The manipulation of the argument semester leads to sql injection. It is possible to initiate the attack remotely. The exploit has been…

Page 1 of 23