Filtered by vendor Phpgurukul
Subscribe
Total
924 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-13247 | 1 Phpgurukul | 1 Tourism Management System | 2025-11-19 | 7.5 HIGH | 7.3 HIGH |
| A security flaw has been discovered in PHPGurukul Tourism Management System 1.0. The affected element is an unknown function of the file /admin/user-bookings.php. The manipulation of the argument uid results in sql injection. It is possible to launch the attack remotely. The exploit has been released to the public and may be exploited. | |||||
| CVE-2024-44641 | 1 Phpgurukul | 1 Small Crm | 2025-11-19 | N/A | 6.5 MEDIUM |
| PHPGurukul Small CRM 3.0 is vulnerable to SQL Injection via the oldpass parameter in change-password.php. | |||||
| CVE-2024-44644 | 1 Phpgurukul | 1 Small Crm | 2025-11-19 | N/A | 6.5 MEDIUM |
| PHPGurukul Small CRM 3.0 is vulnerable to SQL Injection via the frm_id and aremark parameters in manage-tickets.php. | |||||
| CVE-2024-44647 | 1 Phpgurukul | 1 Small Crm | 2025-11-19 | N/A | 6.1 MEDIUM |
| PHPGurukul Small CRM 3.0 is vulnerable to Cross Site Scripting (XSS) via the aremark parameter in manage-tickets.php. | |||||
| CVE-2024-44648 | 1 Phpgurukul | 1 Small Crm | 2025-11-19 | N/A | 6.5 MEDIUM |
| PHPGurukul Small CRM 3.0 is vulnerable to SQL Injection via id and adminremark parameters in quote-details.php. | |||||
| CVE-2024-44657 | 1 Phpgurukul | 1 Complaint Management System | 2025-11-19 | N/A | 6.5 MEDIUM |
| PHPGurukul Complaint Management System 2.0 is vulnerable to SQL Injection via the fromdate and todate parameters in between-date-userreport.php. | |||||
| CVE-2024-46335 | 1 Phpgurukul | 1 Complaint Management System | 2025-11-19 | N/A | 4.6 MEDIUM |
| PHPGurukul Complaint Management System 2.0 is vulnerble to Cross Site Scripting (XSS) via the fromdate and todate parameters in between-date-userreport.php. | |||||
| CVE-2024-44654 | 1 Phpgurukul | 1 Complaint Management System | 2025-11-18 | N/A | 6.5 MEDIUM |
| PHPGurukul Complaint Management System 2.0 is vulnerable to SQL Injection via the email and mobileno parameters in reset-password.php. | |||||
| CVE-2024-44655 | 1 Phpgurukul | 1 Complaint Management System | 2025-11-18 | N/A | 6.1 MEDIUM |
| PHPGurukul Complaint Management System 2.0 is vulnerable to Cross Site Scripting (XSS) via the search parameter in user-search.php. | |||||
| CVE-2024-44658 | 1 Phpgurukul | 1 Complaint Management System | 2025-11-18 | N/A | 6.5 MEDIUM |
| PHPGurukul Complaint Management System 2.0 is vulnerable to SQL Injection via the subcategory and category parameters in subcategory.php. | |||||
| CVE-2024-44660 | 1 Phpgurukul | 1 Online Shopping Portal | 2025-11-18 | N/A | 6.5 MEDIUM |
| PHPGurukul Online Shopping Portal 2.0 is vulnerable to SQL Injection via the fullname, emailid, and contactno parameters in login.php. | |||||
| CVE-2024-44662 | 1 Phpgurukul | 1 Online Shopping Portal | 2025-11-18 | N/A | 6.5 MEDIUM |
| PHPGurukul Online Shopping Portal 2.0 is vulnerable to SQL Injection via the username parameter in the admin page. | |||||
| CVE-2024-44663 | 1 Phpgurukul | 1 Online Shopping Portal | 2025-11-18 | N/A | 6.5 MEDIUM |
| PHPGurukul Online Shopping Portal 2.0 is vulnerable to SQL Injection via the product parameter in search-result.php. | |||||
| CVE-2024-44659 | 1 Phpgurukul | 1 Online Shopping Portal | 2025-11-18 | N/A | 9.8 CRITICAL |
| PHPGurukul Online Shopping Portal 2.0 is vulnerable to SQL Injection via the email parameter in forgot-password.php. | |||||
| CVE-2024-44661 | 1 Phpgurukul | 1 Online Shopping Portal | 2025-11-18 | N/A | 5.4 MEDIUM |
| PHPGurukul Online Shopping Portal 2.0 is vulnerable to Cross Site Scripting (XSS) via the quantity parameter in my-cart.php. | |||||
| CVE-2024-44664 | 1 Phpgurukul | 1 Online Shopping Portal | 2025-11-18 | N/A | 6.5 MEDIUM |
| PHPGurukul Online Shopping Portal 2.0 is vulnerable to SQL Injection via the name, summary, review, quality, price, and value parameters in product-details.php. | |||||
| CVE-2024-44635 | 1 Phpgurukul | 1 Student Record System | 2025-11-17 | N/A | 6.1 MEDIUM |
| PHPGurukul Student Record System 3.20 is vulnerable to Cross Site Scripting (XSS) via adminname and aemailid parameters in /admin-profile.php. | |||||
| CVE-2024-44636 | 1 Phpgurukul | 1 Student Record System | 2025-11-17 | N/A | 6.5 MEDIUM |
| PHPGurukul Student Record System 3.20 is vulnerable to SQL Injection via the adminname and aemailid parameters in /admin-profile.php. | |||||
| CVE-2024-44639 | 1 Phpgurukul | 1 Student Record System | 2025-11-17 | N/A | 6.5 MEDIUM |
| PHPGurukul Student Record System 3.20 is vulnerable to SQL Injection via the sub1, sub2, sub3, sub4, and course-short parameters in add-subject.php. | |||||
| CVE-2024-44640 | 1 Phpgurukul | 1 Student Record System | 2025-11-17 | N/A | 6.5 MEDIUM |
| PHPGurukul Student Record System 3.20 is vulnerable to SQL Injection via the course-short, course-full, and cdate parameters in add-course.php. | |||||