Total
7 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-54810 | 1 Phpgurukul | 1 Pre-school Enrollment System | 2025-04-03 | N/A | 9.8 CRITICAL |
| A SQL Injection vulnerability was found in /preschool/admin/password-recovery.php in PHPGurukul Pre-School Enrollment System Project v1.0, which allows remote attackers to execute arbitrary code via the mobileno parameter. | |||||
| CVE-2025-2090 | 1 Phpgurukul | 1 Pre-school Enrollment System | 2025-04-03 | 5.8 MEDIUM | 4.7 MEDIUM |
| A vulnerability was found in PHPGurukul Pre-School Enrollment System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/add-subadmin.php of the component Sub Admin Handler. The manipulation leads to improper access controls. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-1966 | 1 Phpgurukul | 1 Pre-school Enrollment System | 2025-04-02 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability classified as critical was found in PHPGurukul Pre-School Enrollment System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/index.php. The manipulation of the argument username leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-54790 | 1 Phpgurukul | 1 Pre-school Enrollment System | 2025-03-27 | N/A | 7.5 HIGH |
| A SQL Injection vulnerability was found in /index.php in PHPGurukul Pre-School Enrollment System v1.0, which allows remote attackers to execute arbitrary code via the visittime parameter. | |||||
| CVE-2025-2088 | 1 Phpgurukul | 1 Pre-school Enrollment System | 2025-03-13 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability, which was classified as critical, was found in PHPGurukul Pre-School Enrollment System up to 1.0. Affected is an unknown function of the file /admin/profile.php. The manipulation of the argument fullname/emailid/mobileNumber leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2023-47446 | 1 Phpgurukul | 1 Pre-school Enrollment System | 2024-11-21 | N/A | 5.4 MEDIUM |
| Pre-School Enrollment version 1.0 is vulnerable to Cross Site Scripting (XSS) on the profile.php page via fullname parameter. | |||||
| CVE-2023-47445 | 1 Phpgurukul | 1 Pre-school Enrollment System | 2024-11-21 | N/A | 9.8 CRITICAL |
| Pre-School Enrollment version 1.0 is vulnerable to SQL Injection via the username parameter in preschool/admin/ page. | |||||