Filtered by vendor Phpgurukul
Subscriptions
Total
612 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-47102 | 1 Phpgurukul | 1 Student Study Center Management System | 2025-04-08 | 5.4 Medium |
| A cross-site scripting (XSS) vulnerability in Student Study Center Management System V 1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the name parameter. | ||||
| CVE-2025-3265 | 1 Phpgurukul | 1 E-diary Management System | 2025-04-07 | 7.3 High |
| A vulnerability classified as critical was found in PHPGurukul e-Diary Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /add-category.php. The manipulation of the argument Category leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-30979 | 1 Phpgurukul | 1 Cyber Cafe Management System | 2025-04-07 | 5.9 Medium |
| Cross Site Scripting vulnerability in Cyber Cafe Management System 1.0 allows a remote attacker to execute arbitrary code via the compname parameter in edit-computer-details.php. | ||||
| CVE-2024-30980 | 1 Phpgurukul | 1 Cyber Cafe Management System | 2025-04-07 | 9.8 Critical |
| SQL Injection vulnerability in phpgurukul Cyber Cafe Management System Using PHP & MySQL 1.0 allows attackers to run arbitrary SQL commands via the Computer Location parameter in manage-computer.php page. | ||||
| CVE-2024-30981 | 1 Phpgurukul | 1 Cyber Cafe Management System | 2025-04-07 | 4.3 Medium |
| SQL Injection vulnerability in /edit-computer-detail.php in phpgurukul Cyber Cafe Management System Using PHP & MySQL v1.0 allows attackers to run arbitrary SQL commands via editid in the application URL. | ||||
| CVE-2024-30983 | 1 Phpgurukul | 1 Cyber Cafe Management System | 2025-04-07 | 7.3 High |
| SQL Injection vulnerability in phpgurukul Cyber Cafe Management System Using PHP & MySQL 1.0 allows attackers to run arbitrary SQL commands via the compname parameter in /edit-computer-detail.php file. | ||||
| CVE-2024-30982 | 1 Phpgurukul | 1 Cyber Cafe Management System | 2025-04-07 | 9.8 Critical |
| SQL Injection vulnerability in phpgurukul Cyber Cafe Management System Using PHP & MySQL 1.0 allows attackers to run arbitrary SQL commands via the upid parameter in the /view-user-detail.php file. | ||||
| CVE-2024-53480 | 1 Phpgurukul | 1 Beauty Parlour Management System | 2025-04-07 | 9.8 Critical |
| Phpgurukul's Beauty Parlour Management System v1.1 is vulnerable to SQL Injection in `login.php` via the `emailcont` parameter. | ||||
| CVE-2024-53364 | 1 Phpgurukul | 1 Vehicle Parking Management System | 2025-04-07 | 5.4 Medium |
| A SQL injection vulnerability was found in PHPGURUKUL Vehicle Parking Management System v1.13 in /users/view-detail.php. This vulnerability affects the viewid parameter, where improper input sanitization allows attackers to inject malicious SQL queries. | ||||
| CVE-2024-39090 | 1 Phpgurukul | 1 Online Shopping Portal | 2025-04-05 | 6.1 Medium |
| The PHPGurukul Online Shopping Portal Project version 2.0 contains a vulnerability that allows Cross-Site Request Forgery (CSRF) to lead to Stored Cross-Site Scripting (XSS). An attacker can exploit this vulnerability to execute arbitrary JavaScript code in the context of a user's session, potentially leading to account takeover. | ||||
| CVE-2024-50991 | 1 Phpgurukul | 1 User Management System | 2025-04-04 | 4.8 Medium |
| A Cross Site Scripting (XSS) vulnerability was found in /ums-sp/admin/registered-users.php in PHPGurukul User Management System v1.0, which allows remote attackers to execute arbitrary code via the "fname" POST request parameter | ||||
| CVE-2024-53635 | 1 Phpgurukul | 1 Covid19 Testing Management System | 2025-04-04 | 4.8 Medium |
| A Reflected Cross Site Scripting (XSS) vulnerability was found in /covid-tms/patient-search-report.php in PHPGurukul COVID 19 Testing Management System v1.0, which allows remote attackers to execute arbitrary code via the searchdata POST request parameter. | ||||
| CVE-2024-48283 | 1 Phpgurukul | 2 User Registration \& Login And User Management System, User Registration And Login And User Management System | 2025-04-04 | 9.8 Critical |
| Phpgurukul User Registration & Login and User Management System 3.2 is vulnerable to SQL Injection in /admin//search-result.php via the searchkey parameter. | ||||
| CVE-2024-46531 | 1 Phpgurukul | 2 Vehicle Record Management System, Vehicle Record System | 2025-04-04 | 6.3 Medium |
| phpgurukul Vehicle Record Management System v1.0 was discovered to contain a SQL injection vulnerability via the searchinputdata parameter at /index.php. | ||||
| CVE-2024-51066 | 1 Phpgurukul | 1 Beauty Parlour Management System | 2025-04-04 | 7.5 High |
| An Insecure Direct Object Reference (IDOR) vulnerability in appointment-detail.php in Phpgurukul's Beauty Parlour Management System v1.1 allows unauthorized access to the Personally Identifiable Information (PII) of other customers. | ||||
| CVE-2024-54842 | 1 Phpgurukul | 1 Online Nurse Hiring System | 2025-04-03 | 9.8 Critical |
| A SQL injection vulnerability was found in phpgurukul Online Nurse Hiring System v1.0 in /admin/password-recovery.php via the mobileno parameter. | ||||
| CVE-2024-55099 | 1 Phpgurukul | 1 Online Nurse Hiring System | 2025-04-03 | 9.8 Critical |
| A SQL Injection vulnerability was found in /admin/index.php in phpgurukul Online Nurse Hiring System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database access via the username parameter. | ||||
| CVE-2024-54810 | 1 Phpgurukul | 1 Pre-school Enrollment System | 2025-04-03 | 9.8 Critical |
| A SQL Injection vulnerability was found in /preschool/admin/password-recovery.php in PHPGurukul Pre-School Enrollment System Project v1.0, which allows remote attackers to execute arbitrary code via the mobileno parameter. | ||||
| CVE-2024-54811 | 1 Phpgurukul | 1 Park Ticketing Management System | 2025-04-03 | 9.8 Critical |
| A SQL injection vulnerability in /index.php in PHPGurukul Park Ticketing Management System v1.0 allows an attacker to execute arbitrary SQL commands via the "login" parameter. | ||||
| CVE-2024-12955 | 1 Phpgurukul | 1 Blood Bank \& Donor Management System | 2025-04-03 | 4.3 Medium |
| A vulnerability has been found in PHPGurukul Blood Bank & Donor Management System 2.4 and classified as problematic. This vulnerability affects unknown code of the file /logout.php. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||