Vendor CVEs
Phpgurukul
All CVEs
1,148 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-10156 | 0.00 | — | 0.01 | Oct 19, 2024 | A vulnerability was found in PHPGurukul Boat Booking System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/index.php of the component Sign In Page. The manipulation of the argument username leads to sql injection. The attack can… | |||
| CVE-2024-10155 | 0.00 | — | 0.00 | Oct 19, 2024 | A vulnerability was found in PHPGurukul Boat Booking System 1.0. It has been classified as problematic. This affects an unknown part of the file book-boat.php?bid=1 of the component Book a Boat Page. The manipulation of the argument phone_number leads to cross site scripting. It… | |||
| CVE-2024-10154 | 0.00 | — | 0.01 | Oct 19, 2024 | A vulnerability was found in PHPGurukul Boat Booking System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file status.php of the component Check Booking Status Page. The manipulation of the argument emailid leads to sql injection.… | |||
| CVE-2024-10153 | 0.00 | — | 0.01 | Oct 19, 2024 | A vulnerability has been found in PHPGurukul Boat Booking System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file book-boat.php?bid=1 of the component Book a Boat Page. The manipulation of the argument… | |||
| CVE-2024-48744 | 0.00 | — | 0.00 | Oct 16, 2024 | A Reflected Cross Site Scripting (XSS) vulnerability was found in /trms/listed- teachers.php in PHPGurukul Teachers Record Management System v2.1, which allows remote attackers to execute arbitrary code via "searchinput" POST request parameter. | |||
| CVE-2024-48283 | 0.00 | — | 0.01 | Oct 15, 2024 | Phpgurukul User Registration & Login and User Management System 3.2 is vulnerable to SQL Injection in /admin//search-result.php via the searchkey parameter. | |||
| CVE-2024-48278 | 0.00 | — | 0.00 | Oct 15, 2024 | Phpgurukul User Registration & Login and User Management System 3.2 is vulnerable to Cross Site Request Forgery (CSRF) via /edit-profile.php. | |||
| CVE-2024-48279 | 0.00 | — | 0.01 | Oct 15, 2024 | A HTML Injection vulnerability was found in /search-result.php of PHPGurukul User Registration & Login and User Management System 3.2. This vulnerability allows remote attackers to execute arbitrary HTML code via the searchkey parameter in a POST HTTP request. | |||
| CVE-2024-48280 | 0.00 | — | 0.00 | Oct 15, 2024 | A SQL Injection vulnerability was found in /search-result.php of PHPGurukul User Registration & Login and User Management System 3.2, which allows remote attackers to execute arbitrary SQL command via the fromdate parameter in a POST HTTP request. | |||
| CVE-2024-48282 | 0.00 | — | 0.00 | Oct 15, 2024 | A SQL Injection vulnerability was found in /password-recovery.php of PHPGurukul User Registration & Login and User Management System 3.2, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database access via the femail parameter in a POST HTTP… | |||
| CVE-2024-9816 | 0.00 | — | 0.01 | Oct 10, 2024 | A vulnerability was found in Codezips Tourist Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/change-image.php. The manipulation of the argument packageimage leads to unrestricted upload. The attack may be… | |||
| CVE-2024-9815 | 0.00 | — | 0.01 | Oct 10, 2024 | A vulnerability has been found in Codezips Tourist Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/create-package.php. The manipulation of the argument packageimage leads to unrestricted upload. The… | |||
| CVE-2024-46237 | 0.00 | — | 0.00 | Oct 9, 2024 | PHPGurukul Hospital Management System 4.0 is vulnerable to Cross Site Scripting (XSS) via the patname, pataddress, and medhis parameters in doctor/add-patient.php and doctor/edit-patient.php. | |||
| CVE-2024-9091 | 0.00 | — | 0.01 | Sep 23, 2024 | A vulnerability was found in code-projects Student Record System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /index.php. The manipulation of the argument regno leads to sql injection. The attack can be launched… | |||
| CVE-2024-46241 | 0.00 | — | 0.00 | Sep 23, 2024 | PHPGurukul Dairy Farm Shop Management System v1.1 is vulnerable to Cross-Site Scripting (XSS) via the pname parameter in add_product.php and edit_product.php. | |||
| CVE-2024-9080 | 0.00 | — | 0.01 | Sep 22, 2024 | A vulnerability was found in code-projects Student Record System 1.0. It has been classified as critical. Affected is an unknown function of the file /pincode-verification.php. The manipulation of the argument pincode leads to sql injection. It is possible to launch the attack… | |||
| CVE-2024-9079 | 0.00 | — | 0.01 | Sep 22, 2024 | A vulnerability was found in code-projects Student Record System 1.0 and classified as critical. This issue affects some unknown processing of the file /marks.php. The manipulation of the argument coursename leads to sql injection. The attack may be initiated remotely. The… | |||
| CVE-2024-9078 | 0.00 | — | 0.01 | Sep 22, 2024 | A vulnerability has been found in code-projects Student Record System 1.0 and classified as critical. This vulnerability affects unknown code of the file /course.php. The manipulation of the argument coursename leads to sql injection. The attack can be initiated remotely. The… | |||
| CVE-2024-44798 | 0.00 | — | 0.00 | Sep 13, 2024 | phpgurukul Bus Pass Management System 1.0 is vulnerable to Cross-site scripting (XSS) in /admin/pass-bwdates-reports-details.php via fromdate and todate parameters. | |||
| CVE-2024-40484 | 0.00 | — | 0.01 | Aug 8, 2024 | A Reflected Cross Site Scripting (XSS) vulnerability was found in "/oahms/search.php" in PHPGurukul Old Age Home Management System v1.0, which allows remote attackers to execute arbitrary code via the "searchdata" parameter. | |||
| CVE-2024-40477 | 0.00 | — | 0.01 | Aug 8, 2024 | A SQL injection vulnerability in "/oahms/admin/forgot-password.php" in PHPGurukul Old Age Home Management System v1.0 allows an attacker to execute arbitrary SQL commands via the "email" parameter. | |||
| CVE-2024-40481 | 0.00 | — | 0.01 | Aug 8, 2024 | A Stored Cross Site Scripting (XSS) vulnerability was found in "/admin/view-enquiry.php" in PHPGurukul Old Age Home Management System v1.0, which allows remote attackers to execute arbitrary code via the Contact Us page "message" parameter. | |||
| CVE-2024-41333 | 0.00 | — | 0.01 | Aug 6, 2024 | A reflected cross-site scripting (XSS) vulnerability in Phpgurukul Tourism Management System v2.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload into the uname parameter. | |||
| CVE-2024-39090 | 0.00 | — | 0.01 | Jul 18, 2024 | The PHPGurukul Online Shopping Portal Project version 2.0 contains a vulnerability that allows Cross-Site Request Forgery (CSRF) to lead to Stored Cross-Site Scripting (XSS). An attacker can exploit this vulnerability to execute arbitrary JavaScript code in the context of a… | |||
| CVE-2024-29390 | 0.00 | — | 0.00 | Jun 20, 2024 | Daily Expenses Management System version 1.0, developed by PHP Gurukul, contains a time-based blind SQL injection vulnerability in the 'add-expense.php' page. An attacker can exploit the 'item' parameter in a POST request to execute arbitrary SQL commands in the backend… | |||
| CVE-2024-37798 | 0.00 | — | 0.00 | Jun 17, 2024 | Cross-site scripting (XSS) vulnerability in search-appointment.php in the Admin Panel in Phpgurukul Beauty Parlour Management System 1.0 allows remote attackers to inject arbitrary web script or HTML via the search input field. | |||
| CVE-2024-34987 | 0.00 | — | 0.01 | Jun 3, 2024 | A SQL Injection vulnerability exists in the `ofrs/admin/index.php` script of PHPGurukul Online Fire Reporting System 1.2. The vulnerability allows attackers to bypass authentication and gain unauthorized access by injecting SQL commands into the username input field during the… | |||
| CVE-2024-35511 | 0.00 | — | 0.00 | May 28, 2024 | phpgurukul Men Salon Management System v2.0 is vulnerable to SQL Injection via the "username" parameter of /msms/admin/index.php. | |||
| CVE-2024-5361 | 0.00 | — | 0.00 | May 26, 2024 | A vulnerability was found in PHPGurukul Zoo Management System 2.1. It has been rated as critical. This issue affects some unknown processing of the file /admin/normal-bwdates-reports-details.php. The manipulation of the argument fromdate leads to sql injection. The attack may be… | |||
| CVE-2024-5360 | 0.00 | — | 0.00 | May 26, 2024 | A vulnerability was found in PHPGurukul Zoo Management System 2.1. It has been declared as critical. This vulnerability affects unknown code of the file /admin/foreigner-bwdates-reports-details.php. The manipulation of the argument fromdate leads to sql injection. The attack can… | |||
| CVE-2024-5359 | 0.00 | — | 0.00 | May 26, 2024 | A vulnerability was found in PHPGurukul Zoo Management System 2.1. It has been classified as critical. This affects an unknown part of the file /admin/foreigner-search.php. The manipulation of the argument searchdata leads to sql injection. It is possible to initiate the attack… | |||
| CVE-2024-5358 | 0.00 | — | 0.00 | May 26, 2024 | A vulnerability was found in PHPGurukul Zoo Management System 2.1 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/normal-search.php. The manipulation of the argument searchdata leads to sql injection. The attack may be launched… | |||
| CVE-2024-5357 | 0.00 | — | 0.00 | May 26, 2024 | A vulnerability has been found in PHPGurukul Zoo Management System 2.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/forgot-password.php. The manipulation of the argument email leads to sql injection. The attack can be… | |||
| CVE-2024-5137 | 0.00 | — | 0.00 | May 20, 2024 | A vulnerability classified as problematic was found in PHPGurukul Directory Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/admin-profile.php of the component Searchbar. The manipulation leads to cross site scripting. The… | |||
| CVE-2024-5136 | 0.00 | — | 0.00 | May 20, 2024 | A vulnerability classified as problematic has been found in PHPGurukul Directory Management System 1.0. Affected is an unknown function of the file /admin/search-directory.php.. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The… | |||
| CVE-2024-5135 | 0.00 | — | 0.01 | May 20, 2024 | A vulnerability was found in PHPGurukul Directory Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/index.php. The manipulation of the argument username leads to sql injection. The attack may be initiated… | |||
| CVE-2024-5066 | 0.00 | — | 0.01 | May 17, 2024 | A vulnerability classified as critical was found in PHPGurukul Online Course Registration System 3.1. Affected by this vulnerability is an unknown functionality of the file /pincode-verification.php. The manipulation of the argument pincode leads to sql injection. The attack can… | |||
| CVE-2024-5065 | 0.00 | — | 0.01 | May 17, 2024 | A vulnerability classified as critical has been found in PHPGurukul Online Course Registration System 3.1. Affected is an unknown function of the file /onlinecourse/. The manipulation of the argument regno leads to sql injection. It is possible to launch the attack remotely. The… | |||
| CVE-2024-5064 | 0.00 | — | 0.01 | May 17, 2024 | A vulnerability was found in PHPGurukul Online Course Registration System 3.1. It has been rated as critical. This issue affects some unknown processing of the file news-details.php. The manipulation of the argument nid leads to sql injection. The attack may be initiated… | |||
| CVE-2024-5063 | 0.00 | — | 0.01 | May 17, 2024 | A vulnerability was found in PHPGurukul Online Course Registration System 3.1. It has been declared as critical. This vulnerability affects unknown code of the file /admin/index.php. The manipulation of the argument username/password leads to sql injection. The attack can be… | |||
| CVE-2024-30985 | 0.00 | — | 0.01 | Apr 17, 2024 | SQL Injection vulnerability in "B/W Dates Reports" page in phpgurukul Client Management System using PHP & MySQL 1.1 allows attacker to execute arbitrary SQL commands via "todate" and "fromdate" parameters. | |||
| CVE-2024-30987 | 0.00 | — | 0.01 | Apr 17, 2024 | Cross Site Scripting vulnerability in /bwdates-reports-ds.php of phpgurukul Client Management System using PHP & MySQL 1.1 allows attackers to execute arbitrary code and obtain sensitive information via the fromdate and todate parameters. | |||
| CVE-2024-30981 | 0.00 | — | 0.00 | Apr 17, 2024 | SQL Injection vulnerability in /edit-computer-detail.php in phpgurukul Cyber Cafe Management System Using PHP & MySQL v1.0 allows attackers to run arbitrary SQL commands via editid in the application URL. | |||
| CVE-2024-30983 | 0.00 | — | 0.00 | Apr 17, 2024 | SQL Injection vulnerability in phpgurukul Cyber Cafe Management System Using PHP & MySQL 1.0 allows attackers to run arbitrary SQL commands via the compname parameter in /edit-computer-detail.php file. | |||
| CVE-2024-30988 | 0.00 | — | 0.01 | Apr 17, 2024 | Cross Site Scripting vulnerability in /search-invoices.php of phpgurukul Client Management System using PHP & MySQL 1.1 allows attackers to execute arbitrary code and obtain sensitive information via the Search bar. | |||
| CVE-2024-30982 | 0.00 | — | 0.01 | Apr 17, 2024 | SQL Injection vulnerability in phpgurukul Cyber Cafe Management System Using PHP & MySQL 1.0 allows attackers to run arbitrary SQL commands via the upid parameter in the /view-user-detail.php file. | |||
| CVE-2024-30980 | 0.00 | — | 0.01 | Apr 17, 2024 | SQL Injection vulnerability in phpgurukul Cyber Cafe Management System Using PHP & MySQL 1.0 allows attackers to run arbitrary SQL commands via the Computer Location parameter in manage-computer.php page. | |||
| CVE-2024-30990 | 0.00 | — | 0.01 | Apr 17, 2024 | SQL Injection vulnerability in the "Invoices" page in phpgurukul Client Management System using PHP & MySQL 1.1 allows attacker to execute arbitrary SQL commands via "searchdata" parameter. | |||
| CVE-2024-30986 | 0.00 | — | 0.00 | Apr 17, 2024 | Cross Site Scripting vulnerability in /edit-services-details.php of phpgurukul Client Management System using PHP & MySQL 1.1 allows attackers to execute arbitrary code and via "price" and "sname" parameter. | |||
| CVE-2024-30989 | 0.00 | — | 0.00 | Apr 17, 2024 | Cross Site Scripting vulnerability in /edit-client-details.php of phpgurukul Client Management System using PHP & MySQL 1.1 allows attackers to execute arbitrary code via the "cname", "comname", "state" and "city" parameter. |
- CVE-2024-10156Oct 19, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in PHPGurukul Boat Booking System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/index.php of the component Sign In Page. The manipulation of the argument username leads to sql injection. The attack can…
- CVE-2024-10155Oct 19, 2024risk 0.00cvss —epss 0.00
A vulnerability was found in PHPGurukul Boat Booking System 1.0. It has been classified as problematic. This affects an unknown part of the file book-boat.php?bid=1 of the component Book a Boat Page. The manipulation of the argument phone_number leads to cross site scripting. It…
- CVE-2024-10154Oct 19, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in PHPGurukul Boat Booking System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file status.php of the component Check Booking Status Page. The manipulation of the argument emailid leads to sql injection.…
- CVE-2024-10153Oct 19, 2024risk 0.00cvss —epss 0.01
A vulnerability has been found in PHPGurukul Boat Booking System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file book-boat.php?bid=1 of the component Book a Boat Page. The manipulation of the argument…
- CVE-2024-48744Oct 16, 2024risk 0.00cvss —epss 0.00
A Reflected Cross Site Scripting (XSS) vulnerability was found in /trms/listed- teachers.php in PHPGurukul Teachers Record Management System v2.1, which allows remote attackers to execute arbitrary code via "searchinput" POST request parameter.
- CVE-2024-48283Oct 15, 2024risk 0.00cvss —epss 0.01
Phpgurukul User Registration & Login and User Management System 3.2 is vulnerable to SQL Injection in /admin//search-result.php via the searchkey parameter.
- CVE-2024-48278Oct 15, 2024risk 0.00cvss —epss 0.00
Phpgurukul User Registration & Login and User Management System 3.2 is vulnerable to Cross Site Request Forgery (CSRF) via /edit-profile.php.
- CVE-2024-48279Oct 15, 2024risk 0.00cvss —epss 0.01
A HTML Injection vulnerability was found in /search-result.php of PHPGurukul User Registration & Login and User Management System 3.2. This vulnerability allows remote attackers to execute arbitrary HTML code via the searchkey parameter in a POST HTTP request.
- CVE-2024-48280Oct 15, 2024risk 0.00cvss —epss 0.00
A SQL Injection vulnerability was found in /search-result.php of PHPGurukul User Registration & Login and User Management System 3.2, which allows remote attackers to execute arbitrary SQL command via the fromdate parameter in a POST HTTP request.
- CVE-2024-48282Oct 15, 2024risk 0.00cvss —epss 0.00
A SQL Injection vulnerability was found in /password-recovery.php of PHPGurukul User Registration & Login and User Management System 3.2, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database access via the femail parameter in a POST HTTP…
- CVE-2024-9816Oct 10, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in Codezips Tourist Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/change-image.php. The manipulation of the argument packageimage leads to unrestricted upload. The attack may be…
- CVE-2024-9815Oct 10, 2024risk 0.00cvss —epss 0.01
A vulnerability has been found in Codezips Tourist Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/create-package.php. The manipulation of the argument packageimage leads to unrestricted upload. The…
- CVE-2024-46237Oct 9, 2024risk 0.00cvss —epss 0.00
PHPGurukul Hospital Management System 4.0 is vulnerable to Cross Site Scripting (XSS) via the patname, pataddress, and medhis parameters in doctor/add-patient.php and doctor/edit-patient.php.
- CVE-2024-9091Sep 23, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in code-projects Student Record System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /index.php. The manipulation of the argument regno leads to sql injection. The attack can be launched…
- CVE-2024-46241Sep 23, 2024risk 0.00cvss —epss 0.00
PHPGurukul Dairy Farm Shop Management System v1.1 is vulnerable to Cross-Site Scripting (XSS) via the pname parameter in add_product.php and edit_product.php.
- CVE-2024-9080Sep 22, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in code-projects Student Record System 1.0. It has been classified as critical. Affected is an unknown function of the file /pincode-verification.php. The manipulation of the argument pincode leads to sql injection. It is possible to launch the attack…
- CVE-2024-9079Sep 22, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in code-projects Student Record System 1.0 and classified as critical. This issue affects some unknown processing of the file /marks.php. The manipulation of the argument coursename leads to sql injection. The attack may be initiated remotely. The…
- CVE-2024-9078Sep 22, 2024risk 0.00cvss —epss 0.01
A vulnerability has been found in code-projects Student Record System 1.0 and classified as critical. This vulnerability affects unknown code of the file /course.php. The manipulation of the argument coursename leads to sql injection. The attack can be initiated remotely. The…
- CVE-2024-44798Sep 13, 2024risk 0.00cvss —epss 0.00
phpgurukul Bus Pass Management System 1.0 is vulnerable to Cross-site scripting (XSS) in /admin/pass-bwdates-reports-details.php via fromdate and todate parameters.
- CVE-2024-40484Aug 8, 2024risk 0.00cvss —epss 0.01
A Reflected Cross Site Scripting (XSS) vulnerability was found in "/oahms/search.php" in PHPGurukul Old Age Home Management System v1.0, which allows remote attackers to execute arbitrary code via the "searchdata" parameter.
- CVE-2024-40477Aug 8, 2024risk 0.00cvss —epss 0.01
A SQL injection vulnerability in "/oahms/admin/forgot-password.php" in PHPGurukul Old Age Home Management System v1.0 allows an attacker to execute arbitrary SQL commands via the "email" parameter.
- CVE-2024-40481Aug 8, 2024risk 0.00cvss —epss 0.01
A Stored Cross Site Scripting (XSS) vulnerability was found in "/admin/view-enquiry.php" in PHPGurukul Old Age Home Management System v1.0, which allows remote attackers to execute arbitrary code via the Contact Us page "message" parameter.
- CVE-2024-41333Aug 6, 2024risk 0.00cvss —epss 0.01
A reflected cross-site scripting (XSS) vulnerability in Phpgurukul Tourism Management System v2.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload into the uname parameter.
- CVE-2024-39090Jul 18, 2024risk 0.00cvss —epss 0.01
The PHPGurukul Online Shopping Portal Project version 2.0 contains a vulnerability that allows Cross-Site Request Forgery (CSRF) to lead to Stored Cross-Site Scripting (XSS). An attacker can exploit this vulnerability to execute arbitrary JavaScript code in the context of a…
- CVE-2024-29390Jun 20, 2024risk 0.00cvss —epss 0.00
Daily Expenses Management System version 1.0, developed by PHP Gurukul, contains a time-based blind SQL injection vulnerability in the 'add-expense.php' page. An attacker can exploit the 'item' parameter in a POST request to execute arbitrary SQL commands in the backend…
- CVE-2024-37798Jun 17, 2024risk 0.00cvss —epss 0.00
Cross-site scripting (XSS) vulnerability in search-appointment.php in the Admin Panel in Phpgurukul Beauty Parlour Management System 1.0 allows remote attackers to inject arbitrary web script or HTML via the search input field.
- CVE-2024-34987Jun 3, 2024risk 0.00cvss —epss 0.01
A SQL Injection vulnerability exists in the `ofrs/admin/index.php` script of PHPGurukul Online Fire Reporting System 1.2. The vulnerability allows attackers to bypass authentication and gain unauthorized access by injecting SQL commands into the username input field during the…
- CVE-2024-35511May 28, 2024risk 0.00cvss —epss 0.00
phpgurukul Men Salon Management System v2.0 is vulnerable to SQL Injection via the "username" parameter of /msms/admin/index.php.
- CVE-2024-5361May 26, 2024risk 0.00cvss —epss 0.00
A vulnerability was found in PHPGurukul Zoo Management System 2.1. It has been rated as critical. This issue affects some unknown processing of the file /admin/normal-bwdates-reports-details.php. The manipulation of the argument fromdate leads to sql injection. The attack may be…
- CVE-2024-5360May 26, 2024risk 0.00cvss —epss 0.00
A vulnerability was found in PHPGurukul Zoo Management System 2.1. It has been declared as critical. This vulnerability affects unknown code of the file /admin/foreigner-bwdates-reports-details.php. The manipulation of the argument fromdate leads to sql injection. The attack can…
- CVE-2024-5359May 26, 2024risk 0.00cvss —epss 0.00
A vulnerability was found in PHPGurukul Zoo Management System 2.1. It has been classified as critical. This affects an unknown part of the file /admin/foreigner-search.php. The manipulation of the argument searchdata leads to sql injection. It is possible to initiate the attack…
- CVE-2024-5358May 26, 2024risk 0.00cvss —epss 0.00
A vulnerability was found in PHPGurukul Zoo Management System 2.1 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/normal-search.php. The manipulation of the argument searchdata leads to sql injection. The attack may be launched…
- CVE-2024-5357May 26, 2024risk 0.00cvss —epss 0.00
A vulnerability has been found in PHPGurukul Zoo Management System 2.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/forgot-password.php. The manipulation of the argument email leads to sql injection. The attack can be…
- CVE-2024-5137May 20, 2024risk 0.00cvss —epss 0.00
A vulnerability classified as problematic was found in PHPGurukul Directory Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/admin-profile.php of the component Searchbar. The manipulation leads to cross site scripting. The…
- CVE-2024-5136May 20, 2024risk 0.00cvss —epss 0.00
A vulnerability classified as problematic has been found in PHPGurukul Directory Management System 1.0. Affected is an unknown function of the file /admin/search-directory.php.. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The…
- CVE-2024-5135May 20, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in PHPGurukul Directory Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/index.php. The manipulation of the argument username leads to sql injection. The attack may be initiated…
- CVE-2024-5066May 17, 2024risk 0.00cvss —epss 0.01
A vulnerability classified as critical was found in PHPGurukul Online Course Registration System 3.1. Affected by this vulnerability is an unknown functionality of the file /pincode-verification.php. The manipulation of the argument pincode leads to sql injection. The attack can…
- CVE-2024-5065May 17, 2024risk 0.00cvss —epss 0.01
A vulnerability classified as critical has been found in PHPGurukul Online Course Registration System 3.1. Affected is an unknown function of the file /onlinecourse/. The manipulation of the argument regno leads to sql injection. It is possible to launch the attack remotely. The…
- CVE-2024-5064May 17, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in PHPGurukul Online Course Registration System 3.1. It has been rated as critical. This issue affects some unknown processing of the file news-details.php. The manipulation of the argument nid leads to sql injection. The attack may be initiated…
- CVE-2024-5063May 17, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in PHPGurukul Online Course Registration System 3.1. It has been declared as critical. This vulnerability affects unknown code of the file /admin/index.php. The manipulation of the argument username/password leads to sql injection. The attack can be…
- CVE-2024-30985Apr 17, 2024risk 0.00cvss —epss 0.01
SQL Injection vulnerability in "B/W Dates Reports" page in phpgurukul Client Management System using PHP & MySQL 1.1 allows attacker to execute arbitrary SQL commands via "todate" and "fromdate" parameters.
- CVE-2024-30987Apr 17, 2024risk 0.00cvss —epss 0.01
Cross Site Scripting vulnerability in /bwdates-reports-ds.php of phpgurukul Client Management System using PHP & MySQL 1.1 allows attackers to execute arbitrary code and obtain sensitive information via the fromdate and todate parameters.
- CVE-2024-30981Apr 17, 2024risk 0.00cvss —epss 0.00
SQL Injection vulnerability in /edit-computer-detail.php in phpgurukul Cyber Cafe Management System Using PHP & MySQL v1.0 allows attackers to run arbitrary SQL commands via editid in the application URL.
- CVE-2024-30983Apr 17, 2024risk 0.00cvss —epss 0.00
SQL Injection vulnerability in phpgurukul Cyber Cafe Management System Using PHP & MySQL 1.0 allows attackers to run arbitrary SQL commands via the compname parameter in /edit-computer-detail.php file.
- CVE-2024-30988Apr 17, 2024risk 0.00cvss —epss 0.01
Cross Site Scripting vulnerability in /search-invoices.php of phpgurukul Client Management System using PHP & MySQL 1.1 allows attackers to execute arbitrary code and obtain sensitive information via the Search bar.
- CVE-2024-30982Apr 17, 2024risk 0.00cvss —epss 0.01
SQL Injection vulnerability in phpgurukul Cyber Cafe Management System Using PHP & MySQL 1.0 allows attackers to run arbitrary SQL commands via the upid parameter in the /view-user-detail.php file.
- CVE-2024-30980Apr 17, 2024risk 0.00cvss —epss 0.01
SQL Injection vulnerability in phpgurukul Cyber Cafe Management System Using PHP & MySQL 1.0 allows attackers to run arbitrary SQL commands via the Computer Location parameter in manage-computer.php page.
- CVE-2024-30990Apr 17, 2024risk 0.00cvss —epss 0.01
SQL Injection vulnerability in the "Invoices" page in phpgurukul Client Management System using PHP & MySQL 1.1 allows attacker to execute arbitrary SQL commands via "searchdata" parameter.
- CVE-2024-30986Apr 17, 2024risk 0.00cvss —epss 0.00
Cross Site Scripting vulnerability in /edit-services-details.php of phpgurukul Client Management System using PHP & MySQL 1.1 allows attackers to execute arbitrary code and via "price" and "sname" parameter.
- CVE-2024-30989Apr 17, 2024risk 0.00cvss —epss 0.00
Cross Site Scripting vulnerability in /edit-client-details.php of phpgurukul Client Management System using PHP & MySQL 1.1 allows attackers to execute arbitrary code via the "cname", "comname", "state" and "city" parameter.
Page 19 of 23