Filtered by vendor Phpgurukul
Subscribe
Total
862 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-9012 | 1 Phpgurukul | 1 Online Shopping Portal Project | 2025-08-21 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability was identified in PHPGurukul Online Shopping Portal Project 2.0. This affects an unknown part of the file shopping/bill-ship-addresses.php. The manipulation of the argument billingpincode leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-9013 | 1 Phpgurukul | 1 Online Shopping Portal Project | 2025-08-21 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability has been found in PHPGurukul Online Shopping Portal Project 2.0. This vulnerability affects unknown code of the file /shopping/password-recovery.php. The manipulation of the argument emailid leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-8951 | 1 Phpgurukul | 1 Teachers Record Management System | 2025-08-14 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability has been found in PHPGurukul Teachers Record Management System 2.1. Affected is an unknown function of the file /admin/search.php. The manipulation of the argument searchdata leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-51045 | 1 Phpgurukul | 1 Pre-school Enrollment System | 2025-08-07 | N/A | 6.5 MEDIUM |
| Phpgurukul Pre-School Enrollment System 1.0 contains a SQL injection vulnerability in the /admin/password-recovery.php file. This vulnerability is attributed to the insufficient validation of user input for the username parameter. | |||||
| CVE-2025-51044 | 1 Phpgurukul | 1 Nipah Virus Testing Management System | 2025-08-07 | N/A | 6.5 MEDIUM |
| phpgurukul Nipah virus (NiV) Testing Management System 1.0 contains a SQL injection vulnerability in the /new-user-testing.php file, due to insufficient validation of user input for the " govtissuedid" parameter. | |||||
| CVE-2025-50484 | 1 Phpgurukul | 1 Small Crm | 2025-08-07 | N/A | 7.1 HIGH |
| Improper session invalidation in the component /crm/change-password.php of PHPGurukul Small CRM v3.0 allows attackers to execute a session hijacking attack. | |||||
| CVE-2025-8431 | 1 Phpgurukul | 1 Boat Booking System | 2025-08-05 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability has been found in PHPGurukul Boat Booking System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/add-boat.php. The manipulation of the argument boatname leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-8179 | 1 Phpgurukul | 1 Local Services Search Engine Management System | 2025-07-30 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability classified as critical was found in PHPGurukul Local Services Search Engine Management System 2.1. Affected by this vulnerability is an unknown functionality of the file /admin/changeimage.php. The manipulation of the argument editid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-7757 | 1 Phpgurukul | 1 Land Record System | 2025-07-30 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability classified as critical was found in PHPGurukul Land Record System 1.0. Affected by this vulnerability is an unknown functionality of the file /edit-property.php. The manipulation of the argument editid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-50492 | 1 Phpgurukul | 1 E-diary Management System | 2025-07-29 | N/A | 7.5 HIGH |
| Improper session invalidation in the component /edms/change-password.php of PHPGurukul e-Diary Management System v1 allows attackers to execute a session hijacking attack. | |||||
| CVE-2025-50491 | 1 Phpgurukul | 1 Bank Locker Management System | 2025-07-29 | N/A | 7.1 HIGH |
| Improper session invalidation in the component /banker/change-password.php of PHPGurukul Bank Locker Management System v1 allows attackers to execute a session hijacking attack. | |||||
| CVE-2025-50489 | 1 Phpgurukul | 1 Student Result Management System | 2025-07-29 | N/A | 7.5 HIGH |
| Improper session invalidation in the component /srms/change-password.php of PHPGurukul Student Result Management System v2.0 allows attackers to execute a session hijacking attack. | |||||
| CVE-2025-50488 | 1 Phpgurukul | 1 Online Library Management System | 2025-07-29 | N/A | 7.1 HIGH |
| Improper session invalidation in the component /library/change-password.php of PHPGurukul Online Library Management System v3.0 allows attackers to execute a session hijacking attack. | |||||
| CVE-2025-50494 | 1 Phpgurukul | 1 Car Washing Management System | 2025-07-29 | N/A | 7.5 HIGH |
| Improper session invalidation in the component /doctor/change-password.php of PHPGurukul Car Washing Management System v1.0 allows attackers to execute a session hijacking attack. | |||||
| CVE-2025-50493 | 1 Phpgurukul | 1 Doctor Appointment Management System | 2025-07-29 | N/A | 7.5 HIGH |
| Improper session invalidation in the component /doctor/change-password.php of PHPGurukul Doctor Appointment Management System v1 allows attackers to execute a session hijacking attack. | |||||
| CVE-2025-50490 | 1 Phpgurukul | 1 Student Result Management System | 2025-07-29 | N/A | 7.5 HIGH |
| Improper session invalidation in the component /elms/emp-changepassword.php of PHPGurukul Student Result Management System v2.0 allows attackers to execute a session hijacking attack. | |||||
| CVE-2025-50486 | 1 Phpgurukul | 1 E-diary Management System | 2025-07-29 | N/A | 7.1 HIGH |
| Improper session invalidation in the component /carrental/update-password.php of PHPGurukul Car Rental Project v3.0 allows attackers to execute a session hijacking attack. | |||||
| CVE-2025-50485 | 1 Phpgurukul | 1 Online Course Registration | 2025-07-29 | N/A | 7.1 HIGH |
| Improper session invalidation in the component /crm/change-password.php of PHPGurukul Online Course Registration v3.1 allows attackers to execute a session hijacking attack. | |||||
| CVE-2025-50487 | 1 Phpgurukul | 1 Blood Bank \& Donor Management System | 2025-07-29 | N/A | 7.1 HIGH |
| Improper session invalidation in the component /bbdms/change-password.php of PHPGurukul Blood Bank & Donor Management System v2.4 allows attackers to execute a session hijacking attack. | |||||
| CVE-2025-7946 | 1 Phpgurukul | 1 Apartment Visitors Management System | 2025-07-29 | 5.0 MEDIUM | 4.3 MEDIUM |
| A vulnerability was found in PHPGurukul Apartment Visitors Management System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /search-visitor.php of the component HTTP POST Request Handler. The manipulation of the argument searchdata leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||