Filtered by vendor Phpgurukul
Subscribe
Total
985 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-30998 | 1 Phpgurukul | 1 Men Salon Management System | 2025-04-08 | N/A | 9.8 CRITICAL |
| SQL Injection vulnerability in PHPGurukul Men Salon Management System v.2.0, allows remote attackers to execute arbitrary code and obtain sensitive information via the email parameter in the index.php component. | |||||
| CVE-2022-47102 | 1 Phpgurukul | 1 Student Study Center Management System | 2025-04-08 | N/A | 5.4 MEDIUM |
| A cross-site scripting (XSS) vulnerability in Student Study Center Management System V 1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the name parameter. | |||||
| CVE-2025-3265 | 1 Phpgurukul | 1 E-diary Management System | 2025-04-07 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability classified as critical was found in PHPGurukul e-Diary Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /add-category.php. The manipulation of the argument Category leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-30979 | 1 Phpgurukul | 1 Cyber Cafe Management System | 2025-04-07 | N/A | 5.9 MEDIUM |
| Cross Site Scripting vulnerability in Cyber Cafe Management System 1.0 allows a remote attacker to execute arbitrary code via the compname parameter in edit-computer-details.php. | |||||
| CVE-2024-30980 | 1 Phpgurukul | 1 Cyber Cafe Management System | 2025-04-07 | N/A | 9.8 CRITICAL |
| SQL Injection vulnerability in phpgurukul Cyber Cafe Management System Using PHP & MySQL 1.0 allows attackers to run arbitrary SQL commands via the Computer Location parameter in manage-computer.php page. | |||||
| CVE-2024-30981 | 1 Phpgurukul | 1 Cyber Cafe Management System | 2025-04-07 | N/A | 9.8 CRITICAL |
| SQL Injection vulnerability in /edit-computer-detail.php in phpgurukul Cyber Cafe Management System Using PHP & MySQL v1.0 allows attackers to run arbitrary SQL commands via editid in the application URL. | |||||
| CVE-2024-30983 | 1 Phpgurukul | 1 Cyber Cafe Management System | 2025-04-07 | N/A | 7.3 HIGH |
| SQL Injection vulnerability in phpgurukul Cyber Cafe Management System Using PHP & MySQL 1.0 allows attackers to run arbitrary SQL commands via the compname parameter in /edit-computer-detail.php file. | |||||
| CVE-2024-30982 | 1 Phpgurukul | 1 Cyber Cafe Management System | 2025-04-07 | N/A | 9.8 CRITICAL |
| SQL Injection vulnerability in phpgurukul Cyber Cafe Management System Using PHP & MySQL 1.0 allows attackers to run arbitrary SQL commands via the upid parameter in the /view-user-detail.php file. | |||||
| CVE-2024-53480 | 1 Phpgurukul | 1 Beauty Parlour Management System | 2025-04-07 | N/A | 9.8 CRITICAL |
| Phpgurukul's Beauty Parlour Management System v1.1 is vulnerable to SQL Injection in `login.php` via the `emailcont` parameter. | |||||
| CVE-2024-53364 | 1 Phpgurukul | 1 Vehicle Parking Management System | 2025-04-07 | N/A | 5.4 MEDIUM |
| A SQL injection vulnerability was found in PHPGURUKUL Vehicle Parking Management System v1.13 in /users/view-detail.php. This vulnerability affects the viewid parameter, where improper input sanitization allows attackers to inject malicious SQL queries. | |||||
| CVE-2024-39090 | 1 Phpgurukul | 1 Online Shopping Portal | 2025-04-05 | N/A | 6.1 MEDIUM |
| The PHPGurukul Online Shopping Portal Project version 2.0 contains a vulnerability that allows Cross-Site Request Forgery (CSRF) to lead to Stored Cross-Site Scripting (XSS). An attacker can exploit this vulnerability to execute arbitrary JavaScript code in the context of a user's session, potentially leading to account takeover. | |||||
| CVE-2024-50991 | 1 Phpgurukul | 1 User Management System | 2025-04-04 | N/A | 4.8 MEDIUM |
| A Cross Site Scripting (XSS) vulnerability was found in /ums-sp/admin/registered-users.php in PHPGurukul User Management System v1.0, which allows remote attackers to execute arbitrary code via the "fname" POST request parameter | |||||
| CVE-2024-53635 | 1 Phpgurukul | 1 Covid19 Testing Management System | 2025-04-04 | N/A | 4.8 MEDIUM |
| A Reflected Cross Site Scripting (XSS) vulnerability was found in /covid-tms/patient-search-report.php in PHPGurukul COVID 19 Testing Management System v1.0, which allows remote attackers to execute arbitrary code via the searchdata POST request parameter. | |||||
| CVE-2024-48283 | 1 Phpgurukul | 1 User Registration \& Login And User Management System | 2025-04-04 | N/A | 9.8 CRITICAL |
| Phpgurukul User Registration & Login and User Management System 3.2 is vulnerable to SQL Injection in /admin//search-result.php via the searchkey parameter. | |||||
| CVE-2024-46531 | 1 Phpgurukul | 1 Vehicle Record System | 2025-04-04 | N/A | 6.3 MEDIUM |
| phpgurukul Vehicle Record Management System v1.0 was discovered to contain a SQL injection vulnerability via the searchinputdata parameter at /index.php. | |||||
| CVE-2024-51066 | 1 Phpgurukul | 1 Beauty Parlour Management System | 2025-04-04 | N/A | 7.5 HIGH |
| An Insecure Direct Object Reference (IDOR) vulnerability in appointment-detail.php in Phpgurukul's Beauty Parlour Management System v1.1 allows unauthorized access to the Personally Identifiable Information (PII) of other customers. | |||||
| CVE-2024-54842 | 1 Phpgurukul | 1 Online Nurse Hiring System | 2025-04-03 | N/A | 9.8 CRITICAL |
| A SQL injection vulnerability was found in phpgurukul Online Nurse Hiring System v1.0 in /admin/password-recovery.php via the mobileno parameter. | |||||
| CVE-2024-55099 | 1 Phpgurukul | 1 Online Nurse Hiring System | 2025-04-03 | N/A | 9.8 CRITICAL |
| A SQL Injection vulnerability was found in /admin/index.php in phpgurukul Online Nurse Hiring System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database access via the username parameter. | |||||
| CVE-2024-54810 | 1 Phpgurukul | 1 Pre-school Enrollment System | 2025-04-03 | N/A | 9.8 CRITICAL |
| A SQL Injection vulnerability was found in /preschool/admin/password-recovery.php in PHPGurukul Pre-School Enrollment System Project v1.0, which allows remote attackers to execute arbitrary code via the mobileno parameter. | |||||
| CVE-2024-54811 | 1 Phpgurukul | 1 Park Ticketing Management System | 2025-04-03 | N/A | 9.8 CRITICAL |
| A SQL injection vulnerability in /index.php in PHPGurukul Park Ticketing Management System v1.0 allows an attacker to execute arbitrary SQL commands via the "login" parameter. | |||||