Vendor CVEs
Phpgurukul
All CVEs
1,148 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-55232 | 0.00 | — | 0.00 | Dec 18, 2024 | An IDOR vulnerability in the manage-notes.php module in PHPGurukul Online Notes Sharing Management System v1.0 allows unauthorized users to delete notes belonging to other accounts due to missing authorization checks. This flaw enables attackers to delete another user's… | |||
| CVE-2024-55231 | 0.00 | — | 0.00 | Dec 18, 2024 | An IDOR vulnerability in the edit-notes.php module of PHPGurukul Online Notes Sharing Management System v1.0 allows unauthorized users to modify notes belonging to other accounts due to missing authorization checks. This flaw exposes sensitive data and enables attackers to alter… | |||
| CVE-2024-55059 | 0.00 | — | 0.00 | Dec 17, 2024 | A stored HTML Injection vulnerability was identified in PHPGurukul Online Birth Certificate System v1.0 in /user/certificate-form.php. | |||
| CVE-2024-55057 | 0.00 | — | 0.00 | Dec 17, 2024 | Phpgurukul Online Birth Certificate System 1.0 suffers from insufficient password requirements which can lead to unauthorized access to user accounts. | |||
| CVE-2024-55058 | 0.00 | — | 0.00 | Dec 17, 2024 | An insecure direct object reference (IDOR) vulnerability was discovered in PHPGurukul Online Birth Certificate System v1.0. This vulnerability resides in the viewid parameter of /user/view-application-detail.php. Authenticated users can exploit this flaw by manipulating the… | |||
| CVE-2024-55056 | 0.00 | — | 0.00 | Dec 17, 2024 | A stored cross-site scripting (XSS) vulnerability was identified in Phpgurukul Online Birth Certificate System 1.0 in /user/certificate-form.php via the full name field. | |||
| CVE-2024-55496 | 0.00 | — | 0.01 | Dec 17, 2024 | A vulnerability has been found in the 1000projects Bookstore Management System PHP MySQL Project 1.0. This issue affects some unknown functionality of add_company.php. Actions on the delete parameter result in SQL injection. | |||
| CVE-2024-55100 | 0.00 | — | 0.00 | Dec 16, 2024 | A stored cross-site scripting (XSS) vulnerability in the component /admin/profile.php of Online Nurse Hiring System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the fullname parameter. | |||
| CVE-2024-55103 | 0.00 | — | 0.01 | Dec 16, 2024 | Online Nurse Hiring System v1.0 was discovered to contain a SQL injection vulnerability in the component /admin/profile.php via the fullname parameter. | |||
| CVE-2024-55104 | 0.00 | — | 0.01 | Dec 16, 2024 | Online Nurse Hiring System v1.0 was discovered to contain multiple SQL injection vulnerabilities in the component /admin/add-nurse.php via the gender and emailid parameters. | |||
| CVE-2024-54842 | 0.00 | — | 0.00 | Dec 12, 2024 | A SQL injection vulnerability was found in phpgurukul Online Nurse Hiring System v1.0 in /admin/password-recovery.php via the mobileno parameter. | |||
| CVE-2024-54811 | 0.00 | — | 0.01 | Dec 12, 2024 | A SQL injection vulnerability in /index.php in PHPGurukul Park Ticketing Management System v1.0 allows an attacker to execute arbitrary SQL commands via the "login" parameter. | |||
| CVE-2024-54810 | 0.00 | — | 0.01 | Dec 12, 2024 | A SQL Injection vulnerability was found in /preschool/admin/password-recovery.php in PHPGurukul Pre-School Enrollment System Project v1.0, which allows remote attackers to execute arbitrary code via the mobileno parameter. | |||
| CVE-2024-53481 | 0.00 | — | 0.01 | Dec 10, 2024 | A Cross Site Scripting (XSS) vulnerability in the profile.php of PHPGurukul Beauty Parlour Management System v1.1 allows remote attackers to execute arbitrary code by injecting arbitrary HTML into the "Firstname" and "Last name" parameters. | |||
| CVE-2024-53480 | 0.00 | — | 0.01 | Dec 10, 2024 | Phpgurukul's Beauty Parlour Management System v1.1 is vulnerable to SQL Injection in `login.php` via the `emailcont` parameter. | |||
| CVE-2024-55268 | 0.00 | — | 0.00 | Dec 6, 2024 | A Reflected Cross Site Scripting (XSS) vulnerability was found in /covidtms/registered-user-testing.php in PHPGurukul COVID 19 Testing Management System 1.0 which allows remote attackers to execute arbitrary code via the regmobilenumber parameter. | |||
| CVE-2024-48703 | 0.00 | — | 0.00 | Dec 6, 2024 | PhpGurukul Medical Card Generation System v1.0 is vulnerable to Cross Site Scripting (XSS) in /admin/search-medicalcard.php via the searchdata parameter. | |||
| CVE-2024-12234 | 0.00 | — | 0.01 | Dec 5, 2024 | A vulnerability was found in 1000 Projects Beauty Parlour Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/edit-customer-detailed.php. The manipulation of the argument name leads to sql injection. It is possible to… | |||
| CVE-2024-12230 | 0.00 | — | 0.01 | Dec 5, 2024 | A vulnerability, which was classified as critical, has been found in PHPGurukul Complaint Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/subcategory.php. The manipulation of the argument category leads to sql injection. The attack… | |||
| CVE-2024-12229 | 0.00 | — | 0.01 | Dec 5, 2024 | A vulnerability classified as critical was found in PHPGurukul Complaint Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/complaint-search.php. The manipulation of the argument search leads to sql injection. The attack can be… | |||
| CVE-2024-12228 | 0.00 | — | 0.01 | Dec 5, 2024 | A vulnerability classified as critical has been found in PHPGurukul Complaint Management System 1.0. Affected is an unknown function of the file /admin/user-search.php. The manipulation of the argument search leads to sql injection. It is possible to launch the attack remotely.… | |||
| CVE-2024-53364 | 0.00 | — | 0.00 | Dec 2, 2024 | A SQL injection vulnerability was found in PHPGURUKUL Vehicle Parking Management System v1.13 in /users/view-detail.php. This vulnerability affects the viewid parameter, where improper input sanitization allows attackers to inject malicious SQL queries. | |||
| CVE-2024-11967 | 0.00 | — | 0.01 | Nov 28, 2024 | A vulnerability was found in PHPGurukul Complaint Management system 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/reset-password.php. The manipulation of the argument email leads to sql injection. It is possible to launch the attack… | |||
| CVE-2024-11966 | 0.00 | — | 0.01 | Nov 28, 2024 | A vulnerability was found in PHPGurukul Complaint Management system 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/index.php. The manipulation of the argument username leads to sql injection. The attack may be initiated remotely.… | |||
| CVE-2024-11965 | 0.00 | — | 0.01 | Nov 28, 2024 | A vulnerability has been found in PHPGurukul Complaint Management system 1.0 and classified as critical. This vulnerability affects unknown code of the file /user/reset-password.php. The manipulation of the argument email leads to sql injection. The attack can be initiated… | |||
| CVE-2024-11964 | 0.00 | — | 0.01 | Nov 28, 2024 | A vulnerability, which was classified as critical, was found in PHPGurukul Complaint Management system 1.0. This affects an unknown part of the file /user/index.php. The manipulation of the argument emailid leads to sql injection. It is possible to initiate the attack remotely.… | |||
| CVE-2024-53604 | 0.00 | — | 0.01 | Nov 27, 2024 | A SQL Injection vulnerability was found in /covid-tms/check_availability.php in PHPGurukul COVID 19 Testing Management System v1.0, which allows remote attackers to execute arbitrary code via the mobnumber POST request parameter. | |||
| CVE-2024-53635 | 0.00 | — | 0.00 | Nov 27, 2024 | A Reflected Cross Site Scripting (XSS) vulnerability was found in /covid-tms/patient-search-report.php in PHPGurukul COVID 19 Testing Management System v1.0, which allows remote attackers to execute arbitrary code via the searchdata POST request parameter. | |||
| CVE-2024-53603 | 0.00 | — | 0.01 | Nov 27, 2024 | A SQL Injection vulnerability was found in /covid-tms/password-recovery.php in PHPGurukul COVID 19 Testing Management System v1.0, which allows remote attackers to execute arbitrary code via the contactno POST request parameter. | |||
| CVE-2024-11818 | 0.00 | — | 0.01 | Nov 26, 2024 | A vulnerability classified as critical has been found in PHPGurukul User Registration & Login and User Management System 1.0. This affects an unknown part of the file /signup.php. The manipulation of the argument email leads to sql injection. It is possible to initiate the… | |||
| CVE-2024-11817 | 0.00 | — | 0.01 | Nov 26, 2024 | A vulnerability was found in PHPGurukul User Registration & Login and User Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/index.php. The manipulation of the argument username leads to sql injection.… | |||
| CVE-2024-53365 | 0.00 | — | 0.00 | Nov 26, 2024 | A stored cross-site scripting (XSS) vulnerability was identified in PHPGURUKUL Vehicle Parking Management System v1.13 in /users/profile.php. This vulnerability allows authenticated users to inject malicious XSS scripts into the profile name field. | |||
| CVE-2024-11673 | 0.00 | — | 0.00 | Nov 25, 2024 | A vulnerability, which was classified as problematic, has been found in 1000 Projects Bookstore Management System 1.0. This issue affects some unknown processing. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The exploit has been… | |||
| CVE-2024-11649 | 0.00 | — | 0.01 | Nov 25, 2024 | A vulnerability has been found in 1000 Projects Beauty Parlour Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/search-appointment.php. The manipulation of the argument searchdata leads to sql injection. The attack can… | |||
| CVE-2024-11648 | 0.00 | — | 0.01 | Nov 25, 2024 | A vulnerability, which was classified as critical, was found in 1000 Projects Beauty Parlour Management System 1.0. This affects an unknown part of the file /admin/add-customer.php. The manipulation of the argument name leads to sql injection. It is possible to initiate the… | |||
| CVE-2024-11647 | 0.00 | — | 0.01 | Nov 25, 2024 | A vulnerability, which was classified as critical, has been found in 1000 Projects Beauty Parlour Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/view-appointment.php. The manipulation of the argument viewid leads to sql injection.… | |||
| CVE-2024-11646 | 0.00 | — | 0.01 | Nov 24, 2024 | A vulnerability classified as critical was found in 1000 Projects Beauty Parlour Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/edit-services.php. The manipulation of the argument sername leads to sql injection. The attack… | |||
| CVE-2024-11592 | 0.00 | — | 0.01 | Nov 21, 2024 | A vulnerability has been found in 1000 Projects Beauty Parlour Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/about-us.php. The manipulation of the argument pagetitle leads to sql injection. The attack can be… | |||
| CVE-2024-11591 | 0.00 | — | 0.01 | Nov 21, 2024 | A vulnerability, which was classified as critical, was found in 1000 Projects Beauty Parlour Management System 1.0. This affects an unknown part of the file /admin/add-services.php. The manipulation of the argument sername leads to sql injection. It is possible to initiate the… | |||
| CVE-2024-11590 | 0.00 | — | 0.01 | Nov 21, 2024 | A vulnerability, which was classified as critical, has been found in 1000 Projects Bookstore Management System 1.0. Affected by this issue is some unknown functionality of the file /forget_password_process.php. The manipulation of the argument unm leads to sql injection. The… | |||
| CVE-2024-51208 | 0.00 | — | 0.00 | Nov 20, 2024 | File Upload vulnerability in change-image.php in Anuj Kumar's Boat Booking System version 1.0 allows local attackers to upload a malicious PHP script via the Image Upload Mechanism parameter. | |||
| CVE-2024-11258 | 0.00 | — | 0.01 | Nov 15, 2024 | A vulnerability classified as critical was found in 1000 Projects Beauty Parlour Management System 1.0. This vulnerability affects unknown code of the file /admin/index.php. The manipulation of the argument username leads to sql injection. The attack can be initiated remotely.… | |||
| CVE-2024-11257 | 0.00 | — | 0.01 | Nov 15, 2024 | A vulnerability classified as critical has been found in 1000 Projects Beauty Parlour Management System 1.0. This affects an unknown part of the file /admin/forgot-password.php. The manipulation of the argument email leads to sql injection. It is possible to initiate the attack… | |||
| CVE-2024-50843 | 0.00 | — | 0.01 | Nov 14, 2024 | A Directory listing issue was found in PHPGurukul User Registration & Login and User Management System 3.2, which allows remote attackers attacker to access sensitive files and directories via /loginsystem/assets. | |||
| CVE-2024-48284 | 0.00 | — | 0.00 | Nov 14, 2024 | A Reflected Cross-Site Scripting (XSS) vulnerability was found in the /search-result.php page of the PHPGurukul User Registration & Login and User Management System 3.2. This vulnerability allows remote attackers to execute arbitrary scripts via the searchkey parameter in a POST… | |||
| CVE-2024-11101 | 0.00 | — | 0.01 | Nov 12, 2024 | A vulnerability was found in 1000 Projects Beauty Parlour Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/search-invoices.php. The manipulation of the argument searchdata leads to sql injection. It is possible to… | |||
| CVE-2024-11100 | 0.00 | — | 0.01 | Nov 12, 2024 | A vulnerability was found in 1000 Projects Beauty Parlour Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /index.php. The manipulation of the argument name leads to sql injection. The attack can be… | |||
| CVE-2024-50989 | 0.00 | — | 0.01 | Nov 11, 2024 | A SQL injection vulnerability in /omrs/admin/search.php in PHPGurukul Online Marriage Registration System v1.0 allows an attacker to execute arbitrary SQL commands via the "searchdata " parameter. | |||
| CVE-2024-50991 | 0.00 | — | 0.00 | Nov 11, 2024 | A Cross Site Scripting (XSS) vulnerability was found in /ums-sp/admin/registered-users.php in PHPGurukul User Management System v1.0, which allows remote attackers to execute arbitrary code via the "fname" POST request parameter | |||
| CVE-2024-51054 | 0.00 | — | 0.00 | Nov 11, 2024 | A Cross Site Scriptng (XSS) vulnerability was found in /omrs/admin/search.php in PHPGurukul Online Marriage Registration System 1.0, which allows remote attackers to execute arbitrary code via the "searchdata" POST request parameter. |
- CVE-2024-55232Dec 18, 2024risk 0.00cvss —epss 0.00
An IDOR vulnerability in the manage-notes.php module in PHPGurukul Online Notes Sharing Management System v1.0 allows unauthorized users to delete notes belonging to other accounts due to missing authorization checks. This flaw enables attackers to delete another user's…
- CVE-2024-55231Dec 18, 2024risk 0.00cvss —epss 0.00
An IDOR vulnerability in the edit-notes.php module of PHPGurukul Online Notes Sharing Management System v1.0 allows unauthorized users to modify notes belonging to other accounts due to missing authorization checks. This flaw exposes sensitive data and enables attackers to alter…
- CVE-2024-55059Dec 17, 2024risk 0.00cvss —epss 0.00
A stored HTML Injection vulnerability was identified in PHPGurukul Online Birth Certificate System v1.0 in /user/certificate-form.php.
- CVE-2024-55057Dec 17, 2024risk 0.00cvss —epss 0.00
Phpgurukul Online Birth Certificate System 1.0 suffers from insufficient password requirements which can lead to unauthorized access to user accounts.
- CVE-2024-55058Dec 17, 2024risk 0.00cvss —epss 0.00
An insecure direct object reference (IDOR) vulnerability was discovered in PHPGurukul Online Birth Certificate System v1.0. This vulnerability resides in the viewid parameter of /user/view-application-detail.php. Authenticated users can exploit this flaw by manipulating the…
- CVE-2024-55056Dec 17, 2024risk 0.00cvss —epss 0.00
A stored cross-site scripting (XSS) vulnerability was identified in Phpgurukul Online Birth Certificate System 1.0 in /user/certificate-form.php via the full name field.
- CVE-2024-55496Dec 17, 2024risk 0.00cvss —epss 0.01
A vulnerability has been found in the 1000projects Bookstore Management System PHP MySQL Project 1.0. This issue affects some unknown functionality of add_company.php. Actions on the delete parameter result in SQL injection.
- CVE-2024-55100Dec 16, 2024risk 0.00cvss —epss 0.00
A stored cross-site scripting (XSS) vulnerability in the component /admin/profile.php of Online Nurse Hiring System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the fullname parameter.
- CVE-2024-55103Dec 16, 2024risk 0.00cvss —epss 0.01
Online Nurse Hiring System v1.0 was discovered to contain a SQL injection vulnerability in the component /admin/profile.php via the fullname parameter.
- CVE-2024-55104Dec 16, 2024risk 0.00cvss —epss 0.01
Online Nurse Hiring System v1.0 was discovered to contain multiple SQL injection vulnerabilities in the component /admin/add-nurse.php via the gender and emailid parameters.
- CVE-2024-54842Dec 12, 2024risk 0.00cvss —epss 0.00
A SQL injection vulnerability was found in phpgurukul Online Nurse Hiring System v1.0 in /admin/password-recovery.php via the mobileno parameter.
- CVE-2024-54811Dec 12, 2024risk 0.00cvss —epss 0.01
A SQL injection vulnerability in /index.php in PHPGurukul Park Ticketing Management System v1.0 allows an attacker to execute arbitrary SQL commands via the "login" parameter.
- CVE-2024-54810Dec 12, 2024risk 0.00cvss —epss 0.01
A SQL Injection vulnerability was found in /preschool/admin/password-recovery.php in PHPGurukul Pre-School Enrollment System Project v1.0, which allows remote attackers to execute arbitrary code via the mobileno parameter.
- CVE-2024-53481Dec 10, 2024risk 0.00cvss —epss 0.01
A Cross Site Scripting (XSS) vulnerability in the profile.php of PHPGurukul Beauty Parlour Management System v1.1 allows remote attackers to execute arbitrary code by injecting arbitrary HTML into the "Firstname" and "Last name" parameters.
- CVE-2024-53480Dec 10, 2024risk 0.00cvss —epss 0.01
Phpgurukul's Beauty Parlour Management System v1.1 is vulnerable to SQL Injection in `login.php` via the `emailcont` parameter.
- CVE-2024-55268Dec 6, 2024risk 0.00cvss —epss 0.00
A Reflected Cross Site Scripting (XSS) vulnerability was found in /covidtms/registered-user-testing.php in PHPGurukul COVID 19 Testing Management System 1.0 which allows remote attackers to execute arbitrary code via the regmobilenumber parameter.
- CVE-2024-48703Dec 6, 2024risk 0.00cvss —epss 0.00
PhpGurukul Medical Card Generation System v1.0 is vulnerable to Cross Site Scripting (XSS) in /admin/search-medicalcard.php via the searchdata parameter.
- CVE-2024-12234Dec 5, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in 1000 Projects Beauty Parlour Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/edit-customer-detailed.php. The manipulation of the argument name leads to sql injection. It is possible to…
- CVE-2024-12230Dec 5, 2024risk 0.00cvss —epss 0.01
A vulnerability, which was classified as critical, has been found in PHPGurukul Complaint Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/subcategory.php. The manipulation of the argument category leads to sql injection. The attack…
- CVE-2024-12229Dec 5, 2024risk 0.00cvss —epss 0.01
A vulnerability classified as critical was found in PHPGurukul Complaint Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/complaint-search.php. The manipulation of the argument search leads to sql injection. The attack can be…
- CVE-2024-12228Dec 5, 2024risk 0.00cvss —epss 0.01
A vulnerability classified as critical has been found in PHPGurukul Complaint Management System 1.0. Affected is an unknown function of the file /admin/user-search.php. The manipulation of the argument search leads to sql injection. It is possible to launch the attack remotely.…
- CVE-2024-53364Dec 2, 2024risk 0.00cvss —epss 0.00
A SQL injection vulnerability was found in PHPGURUKUL Vehicle Parking Management System v1.13 in /users/view-detail.php. This vulnerability affects the viewid parameter, where improper input sanitization allows attackers to inject malicious SQL queries.
- CVE-2024-11967Nov 28, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in PHPGurukul Complaint Management system 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/reset-password.php. The manipulation of the argument email leads to sql injection. It is possible to launch the attack…
- CVE-2024-11966Nov 28, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in PHPGurukul Complaint Management system 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/index.php. The manipulation of the argument username leads to sql injection. The attack may be initiated remotely.…
- CVE-2024-11965Nov 28, 2024risk 0.00cvss —epss 0.01
A vulnerability has been found in PHPGurukul Complaint Management system 1.0 and classified as critical. This vulnerability affects unknown code of the file /user/reset-password.php. The manipulation of the argument email leads to sql injection. The attack can be initiated…
- CVE-2024-11964Nov 28, 2024risk 0.00cvss —epss 0.01
A vulnerability, which was classified as critical, was found in PHPGurukul Complaint Management system 1.0. This affects an unknown part of the file /user/index.php. The manipulation of the argument emailid leads to sql injection. It is possible to initiate the attack remotely.…
- CVE-2024-53604Nov 27, 2024risk 0.00cvss —epss 0.01
A SQL Injection vulnerability was found in /covid-tms/check_availability.php in PHPGurukul COVID 19 Testing Management System v1.0, which allows remote attackers to execute arbitrary code via the mobnumber POST request parameter.
- CVE-2024-53635Nov 27, 2024risk 0.00cvss —epss 0.00
A Reflected Cross Site Scripting (XSS) vulnerability was found in /covid-tms/patient-search-report.php in PHPGurukul COVID 19 Testing Management System v1.0, which allows remote attackers to execute arbitrary code via the searchdata POST request parameter.
- CVE-2024-53603Nov 27, 2024risk 0.00cvss —epss 0.01
A SQL Injection vulnerability was found in /covid-tms/password-recovery.php in PHPGurukul COVID 19 Testing Management System v1.0, which allows remote attackers to execute arbitrary code via the contactno POST request parameter.
- CVE-2024-11818Nov 26, 2024risk 0.00cvss —epss 0.01
A vulnerability classified as critical has been found in PHPGurukul User Registration & Login and User Management System 1.0. This affects an unknown part of the file /signup.php. The manipulation of the argument email leads to sql injection. It is possible to initiate the…
- CVE-2024-11817Nov 26, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in PHPGurukul User Registration & Login and User Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/index.php. The manipulation of the argument username leads to sql injection.…
- CVE-2024-53365Nov 26, 2024risk 0.00cvss —epss 0.00
A stored cross-site scripting (XSS) vulnerability was identified in PHPGURUKUL Vehicle Parking Management System v1.13 in /users/profile.php. This vulnerability allows authenticated users to inject malicious XSS scripts into the profile name field.
- CVE-2024-11673Nov 25, 2024risk 0.00cvss —epss 0.00
A vulnerability, which was classified as problematic, has been found in 1000 Projects Bookstore Management System 1.0. This issue affects some unknown processing. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The exploit has been…
- CVE-2024-11649Nov 25, 2024risk 0.00cvss —epss 0.01
A vulnerability has been found in 1000 Projects Beauty Parlour Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/search-appointment.php. The manipulation of the argument searchdata leads to sql injection. The attack can…
- CVE-2024-11648Nov 25, 2024risk 0.00cvss —epss 0.01
A vulnerability, which was classified as critical, was found in 1000 Projects Beauty Parlour Management System 1.0. This affects an unknown part of the file /admin/add-customer.php. The manipulation of the argument name leads to sql injection. It is possible to initiate the…
- CVE-2024-11647Nov 25, 2024risk 0.00cvss —epss 0.01
A vulnerability, which was classified as critical, has been found in 1000 Projects Beauty Parlour Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/view-appointment.php. The manipulation of the argument viewid leads to sql injection.…
- CVE-2024-11646Nov 24, 2024risk 0.00cvss —epss 0.01
A vulnerability classified as critical was found in 1000 Projects Beauty Parlour Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/edit-services.php. The manipulation of the argument sername leads to sql injection. The attack…
- CVE-2024-11592Nov 21, 2024risk 0.00cvss —epss 0.01
A vulnerability has been found in 1000 Projects Beauty Parlour Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/about-us.php. The manipulation of the argument pagetitle leads to sql injection. The attack can be…
- CVE-2024-11591Nov 21, 2024risk 0.00cvss —epss 0.01
A vulnerability, which was classified as critical, was found in 1000 Projects Beauty Parlour Management System 1.0. This affects an unknown part of the file /admin/add-services.php. The manipulation of the argument sername leads to sql injection. It is possible to initiate the…
- CVE-2024-11590Nov 21, 2024risk 0.00cvss —epss 0.01
A vulnerability, which was classified as critical, has been found in 1000 Projects Bookstore Management System 1.0. Affected by this issue is some unknown functionality of the file /forget_password_process.php. The manipulation of the argument unm leads to sql injection. The…
- CVE-2024-51208Nov 20, 2024risk 0.00cvss —epss 0.00
File Upload vulnerability in change-image.php in Anuj Kumar's Boat Booking System version 1.0 allows local attackers to upload a malicious PHP script via the Image Upload Mechanism parameter.
- CVE-2024-11258Nov 15, 2024risk 0.00cvss —epss 0.01
A vulnerability classified as critical was found in 1000 Projects Beauty Parlour Management System 1.0. This vulnerability affects unknown code of the file /admin/index.php. The manipulation of the argument username leads to sql injection. The attack can be initiated remotely.…
- CVE-2024-11257Nov 15, 2024risk 0.00cvss —epss 0.01
A vulnerability classified as critical has been found in 1000 Projects Beauty Parlour Management System 1.0. This affects an unknown part of the file /admin/forgot-password.php. The manipulation of the argument email leads to sql injection. It is possible to initiate the attack…
- CVE-2024-50843Nov 14, 2024risk 0.00cvss —epss 0.01
A Directory listing issue was found in PHPGurukul User Registration & Login and User Management System 3.2, which allows remote attackers attacker to access sensitive files and directories via /loginsystem/assets.
- CVE-2024-48284Nov 14, 2024risk 0.00cvss —epss 0.00
A Reflected Cross-Site Scripting (XSS) vulnerability was found in the /search-result.php page of the PHPGurukul User Registration & Login and User Management System 3.2. This vulnerability allows remote attackers to execute arbitrary scripts via the searchkey parameter in a POST…
- CVE-2024-11101Nov 12, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in 1000 Projects Beauty Parlour Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/search-invoices.php. The manipulation of the argument searchdata leads to sql injection. It is possible to…
- CVE-2024-11100Nov 12, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in 1000 Projects Beauty Parlour Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /index.php. The manipulation of the argument name leads to sql injection. The attack can be…
- CVE-2024-50989Nov 11, 2024risk 0.00cvss —epss 0.01
A SQL injection vulnerability in /omrs/admin/search.php in PHPGurukul Online Marriage Registration System v1.0 allows an attacker to execute arbitrary SQL commands via the "searchdata " parameter.
- CVE-2024-50991Nov 11, 2024risk 0.00cvss —epss 0.00
A Cross Site Scripting (XSS) vulnerability was found in /ums-sp/admin/registered-users.php in PHPGurukul User Management System v1.0, which allows remote attackers to execute arbitrary code via the "fname" POST request parameter
- CVE-2024-51054Nov 11, 2024risk 0.00cvss —epss 0.00
A Cross Site Scriptng (XSS) vulnerability was found in /omrs/admin/search.php in PHPGurukul Online Marriage Registration System 1.0, which allows remote attackers to execute arbitrary code via the "searchdata" POST request parameter.
Page 17 of 23