Filtered by vendor Phpgurukul
Subscribe
Search
Total
191 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-23163 | 1 Phpgurukul | 1 Art Gallery Management System | 2023-12-20 | N/A | 9.8 CRITICAL |
| Art Gallery Management System Project v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter. | |||||
| CVE-2023-24726 | 1 Phpgurukul | 1 Art Gallery Management System | 2023-12-20 | N/A | 9.8 CRITICAL |
| Art Gallery Management System v1.0 was discovered to contain a SQL injection vulnerability via the viewid parameter on the enquiry page. | |||||
| CVE-2023-23158 | 1 Phpgurukul | 1 Art Gallery Management System | 2023-12-20 | N/A | 5.4 MEDIUM |
| A stored cross-site scripting (XSS) vulnerability in Art Gallery Management System Project v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the message parameter on the enquiry page. | |||||
| CVE-2023-23157 | 1 Phpgurukul | 1 Art Gallery Management System | 2023-12-20 | N/A | 5.4 MEDIUM |
| A stored cross-site scripting (XSS) vulnerability in Art Gallery Management System Project v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the fullname parameter on the enquiry page. | |||||
| CVE-2023-23162 | 1 Phpgurukul | 1 Art Gallery Management System | 2023-12-20 | N/A | 9.8 CRITICAL |
| Art Gallery Management System Project v1.0 was discovered to contain a SQL injection vulnerability via the cid parameter at product.php. | |||||
| CVE-2023-23156 | 1 Phpgurukul | 1 Art Gallery Management System | 2023-12-20 | N/A | 9.8 CRITICAL |
| Art Gallery Management System Project in PHP 1.0 was discovered to contain a SQL injection vulnerability via the pid parameter in the single-product page. | |||||
| CVE-2023-23155 | 1 Phpgurukul | 1 Art Gallery Management System | 2023-12-20 | N/A | 9.8 CRITICAL |
| Art Gallery Management System Project in PHP 1.0 was discovered to contain a SQL injection vulnerability via the username parameter in the Admin Login. | |||||
| CVE-2023-37743 | 1 Phpgurukul | 1 Teacher Subject Allocation System | 2023-12-20 | N/A | 6.1 MEDIUM |
| A cross-site scripting (XSS) vulnerability in Teacher Subject Allocation System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Search text box. | |||||
| CVE-2023-23161 | 1 Phpgurukul | 1 Art Gallery Management System | 2023-12-20 | N/A | 6.1 MEDIUM |
| A reflected cross-site scripting (XSS) vulnerability in Art Gallery Management System Project v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the artname parameter under ART TYPE option in the navigation bar. | |||||
| CVE-2023-5794 | 1 Phpgurukul | 1 Online Railway Catering Management System | 2023-12-20 | N/A | 9.8 CRITICAL |
| A vulnerability was found in PHPGurukul Online Railway Catering System 1.0. It has been classified as critical. Affected is an unknown function of the file index.php of the component Login. The manipulation of the argument username leads to sql injection. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-243600. | |||||
| CVE-2023-6766 | 1 Phpgurukul | 1 Teacher Subject Allocation Management System | 2023-12-18 | N/A | 3.5 LOW |
| A vulnerability classified as problematic has been found in PHPGurukul Teacher Subject Allocation Management System 1.0. Affected is an unknown function of the file /admin/course.php of the component Delete Course Handler. The manipulation of the argument delid leads to cross-site request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-247896. | |||||
| CVE-2023-6648 | 1 Phpgurukul | 1 Nipah Virus Testing Management System | 2023-12-13 | N/A | 9.8 CRITICAL |
| A vulnerability, which was classified as critical, was found in PHPGurukul Nipah Virus Testing Management System 1.0. This affects an unknown part of the file password-recovery.php. The manipulation of the argument username leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-247341 was assigned to this vulnerability. | |||||
| CVE-2023-6649 | 1 Phpgurukul | 1 Teacher Subject Allocation Management System | 2023-12-13 | N/A | 6.1 MEDIUM |
| A vulnerability has been found in PHPGurukul Teacher Subject Allocation Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file index.php. The manipulation of the argument searchdata with the input <script>alert(5)</script> leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-247342 is the identifier assigned to this vulnerability. | |||||
| CVE-2023-6653 | 1 Phpgurukul | 1 Teacher Subject Allocation Management System | 2023-12-13 | N/A | 4.3 MEDIUM |
| A vulnerability was found in PHPGurukul Teacher Subject Allocation Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin/subject.php of the component Create a new Subject. The manipulation of the argument cid leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-247346 is the identifier assigned to this vulnerability. | |||||
| CVE-2023-6474 | 1 Phpgurukul | 1 Nipah Virus Testing Management System | 2023-12-08 | N/A | 6.5 MEDIUM |
| A vulnerability has been found in PHPGurukul Nipah Virus Testing Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file manage-phlebotomist.php. The manipulation of the argument pid leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-246640. | |||||
| CVE-2023-6465 | 1 Phpgurukul | 1 Nipah Virus Testing Management System | 2023-12-06 | N/A | 6.1 MEDIUM |
| A vulnerability was found in PHPGurukul Nipah Virus Testing Management System 1.0. It has been classified as problematic. This affects an unknown part of the file registered-user-testing.php. The manipulation of the argument regmobilenumber leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-246615. | |||||
| CVE-2023-48016 | 1 Phpgurukul | 1 Restaurant Table Booking System | 2023-12-06 | N/A | 7.5 HIGH |
| Restaurant Table Booking System V1.0 is vulnerable to SQL Injection in rtbs/admin/index.php via the username parameter. | |||||
| CVE-2023-6442 | 1 Phpgurukul | 1 Nipah Virus Testing Management System | 2023-12-06 | N/A | 5.4 MEDIUM |
| A vulnerability was found in PHPGurukul Nipah Virus Testing Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file add-phlebotomist.php. The manipulation of the argument empid/fullname leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-246445 was assigned to this vulnerability. | |||||
| CVE-2023-6402 | 1 Phpgurukul | 1 Nipah Virus Testing Management System | 2023-12-06 | N/A | 8.8 HIGH |
| A vulnerability, which was classified as critical, was found in PHPGurukul Nipah Virus Testing Management System 1.0. This affects an unknown part of the file add-phlebotomist.php. The manipulation of the argument empid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-246423. | |||||
| CVE-2023-6297 | 1 Phpgurukul | 1 Nipah Virus Testing Management System | 2023-11-30 | N/A | 6.1 MEDIUM |
| A vulnerability classified as problematic has been found in PHPGurukul Nipah Virus Testing Management System 1.0. This affects an unknown part of the file patient-search-report.php of the component Search Report Page. The manipulation of the argument Search By Patient Name with the input <script>alert(document.cookie)</script> leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-246123. | |||||
| CVE-2023-47446 | 1 Phpgurukul | 1 Pre-school Enrollment System | 2023-11-20 | N/A | 5.4 MEDIUM |
| Pre-School Enrollment version 1.0 is vulnerable to Cross Site Scripting (XSS) on the profile.php page via fullname parameter. | |||||
| CVE-2023-47445 | 1 Phpgurukul | 1 Pre-school Enrollment System | 2023-11-20 | N/A | 9.8 CRITICAL |
| Pre-School Enrollment version 1.0 is vulnerable to SQL Injection via the username parameter in preschool/admin/ page. | |||||
| CVE-2023-46025 | 1 Phpgurukul | 1 Teacher Subject Allocation Management System | 2023-11-17 | N/A | 4.9 MEDIUM |
| SQL Injection vulnerability in teacher-info.php in phpgurukul Teacher Subject Allocation Management System 1.0 allows attackers to obtain sensitive information via the 'editid' parameter. | |||||
| CVE-2023-46024 | 1 Phpgurukul | 1 Teacher Subject Allocation Management System | 2023-11-17 | N/A | 7.5 HIGH |
| SQL Injection vulnerability in index.php in phpgurukul Teacher Subject Allocation Management System 1.0 allows attackers to run arbitrary SQL commands and obtain sensitive information via the 'searchdata' parameter. | |||||
| CVE-2023-46026 | 1 Phpgurukul | 1 Teacher Subject Allocation Management System | 2023-11-17 | N/A | 4.8 MEDIUM |
| Cross Site Scripting (XSS) vulnerability in profile.php in phpgurukul Teacher Subject Allocation Management System 1.0 allows attackers to run arbitrary code via the 'adminname' and 'email' parameters. | |||||
| CVE-2023-6074 | 1 Phpgurukul | 1 Restaurant Table Booking System | 2023-11-16 | N/A | 9.8 CRITICAL |
| A vulnerability was found in PHPGurukul Restaurant Table Booking System 1.0. It has been rated as critical. This issue affects some unknown processing of the file check-status.php of the component Booking Reservation Handler. The manipulation leads to sql injection. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-244943. | |||||
| CVE-2023-6075 | 1 Phpgurukul | 1 Restaurant Table Booking System | 2023-11-16 | N/A | 6.1 MEDIUM |
| A vulnerability classified as problematic has been found in PHPGurukul Restaurant Table Booking System 1.0. Affected is an unknown function of the file index.php of the component Reservation Request Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-244944. | |||||
| CVE-2023-6076 | 1 Phpgurukul | 1 Restaurant Table Booking System | 2023-11-16 | N/A | 7.5 HIGH |
| A vulnerability classified as problematic was found in PHPGurukul Restaurant Table Booking System 1.0. Affected by this vulnerability is an unknown functionality of the file booking-details.php of the component Reservation Status Handler. The manipulation of the argument bid leads to information disclosure. The attack can be launched remotely. The identifier VDB-244945 was assigned to this vulnerability. | |||||
| CVE-2020-5509 | 1 Phpgurukul | 1 Car Rental Portal | 2023-11-14 | 6.5 MEDIUM | 7.2 HIGH |
| PHPGurukul Car Rental Project v1.0 allows Remote Code Execution via an executable file in an upload of a new profile image. | |||||
| CVE-2020-5307 | 1 Phpgurukul | 1 Dairy Farm Shop Management System | 2023-11-14 | 7.5 HIGH | 9.8 CRITICAL |
| PHPGurukul Dairy Farm Shop Management System 1.0 is vulnerable to SQL injection, as demonstrated by the username parameter in index.php, the category and CategoryCode parameters in add-category.php, the CompanyName parameter in add-company.php, and the ProductName and ProductPrice parameters in add-product.php. | |||||
| CVE-2020-5308 | 1 Phpgurukul | 1 Dairy Farm Shop Management System | 2023-11-14 | 4.3 MEDIUM | 6.1 MEDIUM |
| PHPGurukul Dairy Farm Shop Management System 1.0 is vulnerable to XSS, as demonstrated by the category and CategoryCode parameters in add-category.php, the CompanyName parameter in add-company.php, and the ProductName parameter in add-product.php. | |||||
| CVE-2021-27545 | 1 Phpgurukul | 1 Beauty Parlour Management System | 2023-11-14 | 4.0 MEDIUM | 6.5 MEDIUM |
| SQL Injection in the "add-services.php" component of PHPGurukul Beauty Parlour Management System v1.0 allows remote attackers to obtain sensitive database information by injecting SQL commands into the "sername" parameter. | |||||
| CVE-2021-27544 | 1 Phpgurukul | 1 Beauty Parlour Management System | 2023-11-14 | 3.5 LOW | 4.8 MEDIUM |
| Cross Site Scripting (XSS) in the "add-services.php" component of PHPGurukul Beauty Parlour Management System v1.0 allows remote attackers to execute arbitrary code by injecting arbitrary HTML into the "sername" parameter. | |||||
| CVE-2022-43369 | 1 Phpgurukul | 1 Auto\/taxi Stand Management System | 2023-11-14 | N/A | 6.1 MEDIUM |
| AutoTaxi Stand Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component search.php. | |||||
| CVE-2022-29004 | 1 Phpgurukul | 1 E-diary Management System | 2023-11-14 | 4.3 MEDIUM | 6.1 MEDIUM |
| Diary Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the Name parameter in search-result.php. | |||||
| CVE-2022-47102 | 1 Phpgurukul | 1 Student Study Center Management System | 2023-11-14 | N/A | 5.4 MEDIUM |
| A cross-site scripting (XSS) vulnerability in Student Study Center Management System V 1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the name parameter. | |||||
| CVE-2023-37688 | 1 Phpgurukul | 1 Maid Hiring Management System | 2023-11-14 | N/A | 4.8 MEDIUM |
| Maid Hiring Management System v1.0 was discovered to contain a SQL injection vulnerability in the Admin page. | |||||
| CVE-2023-37744 | 1 Phpgurukul | 1 Maid Hiring Management System | 2023-11-14 | N/A | 6.1 MEDIUM |
| Maid Hiring Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /admin/search-booking-request.php. | |||||
| CVE-2023-37690 | 1 Phpgurukul | 1 Maid Hiring Management System | 2023-11-14 | N/A | 4.8 MEDIUM |
| Maid Hiring Management System v1.0 was discovered to contain a SQL injection vulnerability in the Search Maid page. | |||||
| CVE-2023-37689 | 1 Phpgurukul | 1 Maid Hiring Management System | 2023-11-14 | N/A | 4.8 MEDIUM |
| Maid Hiring Management System v1.0 was discovered to contain a SQL injection vulnerability in the Booking Request page. | |||||
| CVE-2023-37745 | 1 Phpgurukul | 1 Maid Hiring Management System | 2023-11-14 | N/A | 6.1 MEDIUM |
| A cross-site scripting (XSS) vulnerability in Maid Hiring Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Page Description of the /admin/aboutus.php component. | |||||
| CVE-2023-37746 | 1 Phpgurukul | 1 Maid Hiring Management System | 2023-11-14 | N/A | 6.1 MEDIUM |
| A cross-site scripting (XSS) vulnerability in Maid Hiring Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title parameter of the /admin/contactus.php component. | |||||
| CVE-2022-40470 | 1 Phpgurukul | 1 Blood Donor Management System | 2023-11-14 | N/A | 4.8 MEDIUM |
| Phpgurukul Blood Donor Management System 1.0 allows Cross Site Scripting via Add Blood Group Name Feature. | |||||
| CVE-2023-37685 | 1 Phpgurukul | 1 Online Nurse Hiring System | 2023-11-14 | N/A | 4.8 MEDIUM |
| Online Nurse Hiring System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability in the Search Report Page of the Admin portal. | |||||
| CVE-2023-37684 | 1 Phpgurukul | 1 Online Nurse Hiring System | 2023-11-14 | N/A | 4.8 MEDIUM |
| Online Nurse Hiring System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability in the Search Report Details of the Admin portal. | |||||
| CVE-2023-37683 | 1 Phpgurukul | 1 Online Nurse Hiring System | 2023-11-14 | N/A | 4.8 MEDIUM |
| Online Nurse Hiring System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability in the Profile Page of the Admin. | |||||
| CVE-2023-37687 | 1 Phpgurukul | 1 Online Nurse Hiring System | 2023-11-14 | N/A | 7.2 HIGH |
| Online Nurse Hiring System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability in the View Request of Nurse Page in the Admin portal. | |||||
| CVE-2023-37686 | 1 Phpgurukul | 1 Online Nurse Hiring System | 2023-11-14 | N/A | 4.8 MEDIUM |
| Online Nurse Hiring System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability in the Add Nurse Page in the Admin portal. | |||||
| CVE-2021-26764 | 1 Phpgurukul | 1 Student Record System | 2023-11-14 | 6.5 MEDIUM | 8.8 HIGH |
| SQL injection vulnerability in PHPGurukul Student Record System v 4.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to edit-std.php. | |||||
| CVE-2021-26765 | 1 Phpgurukul | 1 Student Record System | 2023-11-14 | 7.5 HIGH | 9.8 CRITICAL |
| SQL injection vulnerability in PHPGurukul Student Record System 4.0 allows remote attackers to execute arbitrary SQL statements, via the sid parameter to edit-sub.php. | |||||