Filtered by vendor Phpgurukul
Subscriptions
Total
574 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-48278 | 1 Phpgurukul | 2 User Registration \& Login And User Management System, User Registration And Login And User Management System | 2025-03-31 | 5.5 Medium |
| Phpgurukul User Registration & Login and User Management System 3.2 is vulnerable to Cross Site Request Forgery (CSRF) via /edit-profile.php. | ||||
| CVE-2024-48279 | 1 Phpgurukul | 2 User Registration \& Login And User Management System, User Registration And Login And User Management System | 2025-03-31 | 7.6 High |
| A HTML Injection vulnerability was found in /search-result.php of PHPGurukul User Registration & Login and User Management System 3.2. This vulnerability allows remote attackers to execute arbitrary HTML code via the searchkey parameter in a POST HTTP request. | ||||
| CVE-2024-48280 | 1 Phpgurukul | 2 User Registration \& Login And User Management System, User Registration And Login And User Management System | 2025-03-31 | 7.6 High |
| A SQL Injection vulnerability was found in /search-result.php of PHPGurukul User Registration & Login and User Management System 3.2, which allows remote attackers to execute arbitrary SQL command via the fromdate parameter in a POST HTTP request. | ||||
| CVE-2024-48282 | 1 Phpgurukul | 2 User Registration \& Login And User Management System, User Registration And Login And User Management System | 2025-03-31 | 7.6 High |
| A SQL Injection vulnerability was found in /password-recovery.php of PHPGurukul User Registration & Login and User Management System 3.2, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database access via the femail parameter in a POST HTTP request. | ||||
| CVE-2024-40477 | 1 Phpgurukul | 1 Old Age Home Management System | 2025-03-31 | 9.8 Critical |
| A SQL injection vulnerability in "/oahms/admin/forgot-password.php" in PHPGurukul Old Age Home Management System v1.0 allows an attacker to execute arbitrary SQL commands via the "email" parameter. | ||||
| CVE-2025-25462 | 1 Phpgurukul | 1 Land Record System | 2025-03-28 | 5.5 Medium |
| A SQL Injection vulnerability was found in /admin/add-propertytype.php in PHPGurukul Land Record System Project in PHP v1.0 allows remote attackers to execute arbitrary code via the propertytype POST request parameter. | ||||
| CVE-2025-28011 | 1 Phpgurukul | 1 User Registration \& Login And User Management System | 2025-03-28 | 6.1 Medium |
| A SQL Injection was found in loginsystem/change-password.php in PHPGurukul User Registration & Login and User Management System v3.3 allows remote attackers to execute arbitrary code via the currentpassword POST request parameter. | ||||
| CVE-2025-28015 | 1 Phpgurukul | 1 User Registration \& Login And User Management System | 2025-03-28 | 5.3 Medium |
| A HTML Injection vulnerability was found in loginsystem/edit-profile.php of the PHPGurukul User Registration & Login and User Management System V3.3. This vulnerability allows remote attackers to execute arbitrary HTML code via the fname, lname, and contact parameters. | ||||
| CVE-2024-57686 | 1 Phpgurukul | 1 Land Record System | 2025-03-28 | 9.8 Critical |
| A Cross Site Scripting (XSS) vulnerability was found in /landrecordsys/admin/contactus.php in PHPGurukul Land Record System v1.0, which allows remote attackers to execute arbitrary code via the "pagetitle" parameter. | ||||
| CVE-2024-57687 | 1 Phpgurukul | 1 Land Record System | 2025-03-28 | 9.8 Critical |
| An OS Command Injection vulnerability was found in /landrecordsys/admin/dashboard.php in PHPGurukul Land Record System v1.0, which allows remote attackers to execute arbitrary code via the "Cookie" GET request parameter. | ||||
| CVE-2025-25389 | 1 Phpgurukul | 1 Land Record System | 2025-03-28 | 9.8 Critical |
| A SQL Injection vulnerability was found in /admin/forgot-password.php in Phpgurukul Land Record System v1.0, which allows remote attackers to execute arbitrary code via the contactno POST request parameter. | ||||
| CVE-2025-25388 | 1 Phpgurukul | 1 Land Record System | 2025-03-28 | 9.8 Critical |
| A SQL Injection vulnerability was found in /admin/edit-propertytype.php in PHPGurukul Land Record System v1.0, which allows remote attackers to execute arbitrary code via the editid GET request parameter. | ||||
| CVE-2025-25387 | 1 Phpgurukul | 1 Land Record System | 2025-03-28 | 7.2 High |
| A SQL Injection vulnerability was found in /admin/manage-propertytype.php in PHPGurukul Land Record System v1.0, which allows remote attackers to execute arbitrary code via the propertytype POST request parameter. | ||||
| CVE-2022-46499 | 1 Phpgurukul | 1 Hospital Management System | 2025-03-28 | 8.8 High |
| Hospital Management System 1.0 was discovered to contain a SQL injection vulnerability via the pat_number parameter at his_admin_view_single_patient.php. | ||||
| CVE-2022-46498 | 1 Phpgurukul | 1 Hospital Management System | 2025-03-28 | 2.7 Low |
| Hospital Management System 1.0 was discovered to contain a SQL injection vulnerability via the doc_number parameter at his_admin_view_single_employee.php. | ||||
| CVE-2022-46497 | 1 Phpgurukul | 1 Hospital Management System | 2025-03-28 | 8.1 High |
| Hospital Management System 1.0 was discovered to contain a SQL injection vulnerability via the pat_number parameter at his_doc_view_single_patien.php. | ||||
| CVE-2024-57175 | 1 Phpgurukul | 1 Online Birth Certificate System | 2025-03-28 | 5.4 Medium |
| A Stored Cross-Site Scripting (XSS) vulnerability was identified in the PHPGURUKUL Online Birth Certificate System v1.0 via the profile name to /user/certificate-form.php. | ||||
| CVE-2024-12976 | 1 Phpgurukul | 1 Hospital Management System | 2025-03-28 | 7.3 High |
| A vulnerability, which was classified as critical, has been found in CodeZips Hospital Management System 1.0. Affected by this issue is some unknown functionality of the file /staff.php. The manipulation of the argument tel leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. | ||||
| CVE-2024-55104 | 1 Phpgurukul | 1 Online Nurse Hiring System | 2025-03-28 | 7.2 High |
| Online Nurse Hiring System v1.0 was discovered to contain multiple SQL injection vulnerabilities in the component /admin/add-nurse.php via the gender and emailid parameters. | ||||
| CVE-2024-55103 | 1 Phpgurukul | 1 Online Nurse Hiring System | 2025-03-28 | 7.2 High |
| Online Nurse Hiring System v1.0 was discovered to contain a SQL injection vulnerability in the component /admin/profile.php via the fullname parameter. | ||||