VYPR
Vendor

PuneethReddyHC

Products
1
CVEs
9
Across products
9
Status
Private

Products

1

Recent CVEs

9
  • CVE-2025-3022CriMar 31, 2025
    risk 0.61cvss epss 0.01

    Os command injection vulnerability in e-solutions e-management. This vulnerability allows an attacker to execute arbitrary commands on the server via the ‘client’ parameter in the /data/apache/e-management/api/api3.php endpoint.

  • CVE-2025-3021HigMar 31, 2025
    risk 0.57cvss epss 0.00

    Path Traversal vulnerability in e-solutions e-management. This vulnerability could allow an attacker to access confidential files outside the expected scope via the ‘file’ parameter in the /downloadReport.php endpoint.

  • CVE-2025-56605MedFeb 26, 2026
    risk 0.35cvss 5.4epss 0.00

    A reflected Cross-Site Scripting (XSS) vulnerability exists in the register.php backend script of PuneethReddyHC Event Management System 1.0. The mobile POST parameter is improperly validated and echoed back in the HTTP response without sanitization, allowing an attacker to…

  • CVE-2025-65354Dec 23, 2025
    risk 0.00cvss epss 0.00

    Improper input handling in /Grocery/search_products_itname.php inPuneethReddyHC event-management 1.0 permits SQL injection via the sitem_name POST parameter. Crafted payloads can alter query logic and disclose database contents. Exploitation may result in sensitive data…

  • CVE-2025-56243Oct 7, 2025
    risk 0.00cvss epss 0.00

    A Cross-Site Scripting (XSS) vulnerability was found in the register.php page of PuneethReddyHC Event Management System 1.0, where the event_id GET parameter is improperly handled. An attacker can craft a malicious URL to execute arbitrary JavaScript in the victim s browser by…

  • CVE-2024-28322Apr 26, 2024
    risk 0.00cvss epss 0.01

    SQL Injection vulnerability in /event-management-master/backend/register.php in PuneethReddyHC Event Management 1.0 allows attackers to run arbitrary SQL commands via the event_id parameter in a crafted POST request.

  • CVE-2024-3433Apr 7, 2024
    risk 0.00cvss epss 0.01

    A vulnerability classified as problematic has been found in PuneethReddyHC Event Management 1.0. Affected is an unknown function of the file /backend/register.php. The manipulation of the argument event_id/full_name/email/mobile/college/branch leads to cross site scripting. It…

  • CVE-2024-3432Apr 7, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in PuneethReddyHC Event Management 1.0. It has been rated as critical. This issue affects some unknown processing of the file /backend/register.php. The manipulation of the argument event_id/full_name/email/mobile/college/branch leads to sql injection.…

  • CVE-2022-25114Mar 2, 2022
    risk 0.00cvss epss 0.01

    Event Management v1.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the full_name parameter under register.php.