Filtered by vendor Phpgurukul
Subscriptions
Total
935 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-9012 | 1 Phpgurukul | 1 Online Shopping Portal Project | 2025-08-16 | 7.3 High |
| A vulnerability was identified in PHPGurukul Online Shopping Portal Project 2.0. This affects an unknown part of the file shopping/bill-ship-addresses.php. The manipulation of the argument billingpincode leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-9024 | 1 Phpgurukul | 1 Beauty Parlour Management System | 2025-08-16 | 7.3 High |
| A vulnerability was found in PHPGurukul Beauty Parlour Management System 1.1. Affected by this vulnerability is an unknown functionality of the file /book-appointment.php. The manipulation of the argument Message leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-9011 | 1 Phpgurukul | 1 Online Shopping Portal Project | 2025-08-16 | 7.3 High |
| A vulnerability was determined in PHPGurukul Online Shopping Portal Project 2.0. Affected by this issue is some unknown functionality of the file /shopping/signup.php. The manipulation of the argument emailid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-9017 | 1 Phpgurukul | 1 Zoo Management System | 2025-08-16 | 4.3 Medium |
| A vulnerability has been found in PHPGurukul Zoo Management System 2.1. This vulnerability affects unknown code of the file /admin/add-foreigner-ticket.php. The manipulation of the argument visitorname leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-9013 | 1 Phpgurukul | 1 Online Shopping Portal Project | 2025-08-16 | 7.3 High |
| A vulnerability has been found in PHPGurukul Online Shopping Portal Project 2.0. This vulnerability affects unknown code of the file /shopping/password-recovery.php. The manipulation of the argument emailid leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-8951 | 1 Phpgurukul | 1 Teachers Record Management System | 2025-08-14 | 7.3 High |
| A vulnerability has been found in PHPGurukul Teachers Record Management System 2.1. Affected is an unknown function of the file /admin/search.php. The manipulation of the argument searchdata leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-8954 | 2 Code-projects, Phpgurukul | 2 Hospital Management System, Hospital Management System | 2025-08-14 | 7.3 High |
| A vulnerability was identified in PHPGurukul Hospital Management System 4.0. This affects an unknown part of the file /admin/doctor-specilization.php. The manipulation of the argument doctorspecilization leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-8955 | 2 Code-projects, Phpgurukul | 2 Hospital Management System, Hospital Management System | 2025-08-14 | 7.3 High |
| A vulnerability has been found in PHPGurukul Hospital Management System 4.0. This vulnerability affects unknown code of the file /admin/edit-doctor.php. The manipulation of the argument docfees leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-51045 | 1 Phpgurukul | 1 Pre-school Enrollment System | 2025-08-07 | 6.5 Medium |
| Phpgurukul Pre-School Enrollment System 1.0 contains a SQL injection vulnerability in the /admin/password-recovery.php file. This vulnerability is attributed to the insufficient validation of user input for the username parameter. | ||||
| CVE-2025-51044 | 1 Phpgurukul | 1 Nipah Virus Testing Management System | 2025-08-07 | 6.5 Medium |
| phpgurukul Nipah virus (NiV) Testing Management System 1.0 contains a SQL injection vulnerability in the /new-user-testing.php file, due to insufficient validation of user input for the " govtissuedid" parameter. | ||||
| CVE-2025-50484 | 1 Phpgurukul | 1 Small Crm | 2025-08-07 | 7.1 High |
| Improper session invalidation in the component /crm/change-password.php of PHPGurukul Small CRM v3.0 allows attackers to execute a session hijacking attack. | ||||
| CVE-2025-8431 | 1 Phpgurukul | 1 Boat Booking System | 2025-08-05 | 7.3 High |
| A vulnerability has been found in PHPGurukul Boat Booking System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/add-boat.php. The manipulation of the argument boatname leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-8179 | 1 Phpgurukul | 1 Local Services Search Engine Management System | 2025-07-30 | 7.3 High |
| A vulnerability classified as critical was found in PHPGurukul Local Services Search Engine Management System 2.1. Affected by this vulnerability is an unknown functionality of the file /admin/changeimage.php. The manipulation of the argument editid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-7757 | 1 Phpgurukul | 1 Land Record System | 2025-07-30 | 7.3 High |
| A vulnerability classified as critical was found in PHPGurukul Land Record System 1.0. Affected by this vulnerability is an unknown functionality of the file /edit-property.php. The manipulation of the argument editid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-50492 | 1 Phpgurukul | 1 E-diary Management System | 2025-07-29 | 7.5 High |
| Improper session invalidation in the component /edms/change-password.php of PHPGurukul e-Diary Management System v1 allows attackers to execute a session hijacking attack. | ||||
| CVE-2025-50491 | 1 Phpgurukul | 1 Bank Locker Management System | 2025-07-29 | 7.1 High |
| Improper session invalidation in the component /banker/change-password.php of PHPGurukul Bank Locker Management System v1 allows attackers to execute a session hijacking attack. | ||||
| CVE-2025-50489 | 1 Phpgurukul | 1 Student Result Management System | 2025-07-29 | 7.5 High |
| Improper session invalidation in the component /srms/change-password.php of PHPGurukul Student Result Management System v2.0 allows attackers to execute a session hijacking attack. | ||||
| CVE-2025-50488 | 1 Phpgurukul | 1 Online Library Management System | 2025-07-29 | 7.1 High |
| Improper session invalidation in the component /library/change-password.php of PHPGurukul Online Library Management System v3.0 allows attackers to execute a session hijacking attack. | ||||
| CVE-2025-50494 | 1 Phpgurukul | 1 Car Washing Management System | 2025-07-29 | 7.5 High |
| Improper session invalidation in the component /doctor/change-password.php of PHPGurukul Car Washing Management System v1.0 allows attackers to execute a session hijacking attack. | ||||
| CVE-2025-50493 | 1 Phpgurukul | 1 Doctor Appointment Management System | 2025-07-29 | 7.5 High |
| Improper session invalidation in the component /doctor/change-password.php of PHPGurukul Doctor Appointment Management System v1 allows attackers to execute a session hijacking attack. | ||||