Filtered by vendor Phpgurukul
Subscribe
Total
911 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-2678 | 1 Phpgurukul | 1 Bank Locker Management System | 2025-06-04 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability was found in PHPGurukul Bank Locker Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /changeimage1.php. The manipulation of the argument editid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-2679 | 1 Phpgurukul | 1 Bank Locker Management System | 2025-06-04 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability was found in PHPGurukul Bank Locker Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /contact-us.php. The manipulation of the argument pagetitle leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-2680 | 1 Phpgurukul | 1 Bank Locker Management System | 2025-06-04 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability was found in PHPGurukul Bank Locker Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /edit-assign-locker.php?ltid=1. The manipulation of the argument mobilenumber leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-51102 | 1 Phpgurukul | 1 Student Management System | 2025-06-03 | N/A | 4.4 MEDIUM |
| PHPGURUKUL Student Management System using PHP and MySQL v1 was discovered to contain multiple SQL injection vulnerabilities at /studentrecordms/login.php via the username and password parameters. | |||||
| CVE-2024-51103 | 1 Phpgurukul | 1 Student Management System | 2025-06-03 | N/A | 6.5 MEDIUM |
| PHPGURUKUL Student Management System using PHP and MySQL v1 was discovered to contain multiple SQL injection vulnerabilities at /studentrecordms/password-recovery.php via the emailid and id parameters. | |||||
| CVE-2024-51099 | 1 Phpgurukul | 1 Medical Card Generation System | 2025-06-03 | N/A | 6.1 MEDIUM |
| A reflected cross-site scripting (XSS) vulnerability in the component mcgs/download-medical-cards.php of PHPGURUKUL Medical Card Generation System using PHP and MySQL v1.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload into the searchdata parameter. | |||||
| CVE-2025-5367 | 1 Phpgurukul | 1 Online Shopping Portal | 2025-06-03 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability was found in PHPGurukul Online Shopping Portal Project 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /category.php. The manipulation of the argument Product leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-5368 | 1 Phpgurukul | 1 Daily Expense Tracker System | 2025-06-03 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability was found in PHPGurukul Daily Expense Tracker System 1.1. It has been rated as critical. This issue affects some unknown processing of the file /expense-yearwise-reports-detailed.php. The manipulation of the argument todate leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-5373 | 1 Phpgurukul | 1 Online Birth Certificate System | 2025-06-03 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability has been found in PHPGurukul Online Birth Certificate System 2.0 and classified as critical. This vulnerability affects unknown code of the file /admin/users-applications.php. The manipulation of the argument userid leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-5374 | 1 Phpgurukul | 1 Online Birth Certificate System | 2025-06-03 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability was found in PHPGurukul Online Birth Certificate System 2.0 and classified as critical. This issue affects some unknown processing of the file /admin/all-applications.php. The manipulation of the argument del leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-5375 | 1 Phpgurukul | 1 Online Birth Certificate System | 2025-06-03 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability was found in PHPGurukul HPGurukul Online Birth Certificate System 2.0. It has been classified as critical. Affected is an unknown function of the file /admin/registered-users.php. The manipulation of the argument del leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2020-26627 | 1 Phpgurukul | 1 Hospital Management System | 2025-06-03 | N/A | 4.9 MEDIUM |
| A Time-Based SQL Injection vulnerability was discovered in Hospital Management System V4.0 which can allow an attacker to dump database information via a crafted payload entered into the 'Admin Remark' parameter under the 'Contact Us Queries -> Unread Query' tab. | |||||
| CVE-2025-4696 | 1 Phpgurukul | 1 Cyber Cafe Management System | 2025-06-03 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability was found in PHPGurukul/Campcodes Cyber Cafe Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /search.php. The manipulation of the argument searchdata leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-3767 | 1 Phpgurukul | 1 News Portal Project | 2025-05-30 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability classified as critical was found in PHPGurukul News Portal 4.1. This vulnerability affects unknown code of the file /admin/edit-post.php. The manipulation of the argument posttitle/category leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-4226 | 1 Phpgurukul | 1 Cyber Cafe Management System | 2025-05-30 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability classified as critical has been found in PHPGurukul/Campcodes Cyber Cafe Management System 1.0. This affects an unknown part of the file /add-computer.php. The manipulation of the argument compname/comploc leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-4695 | 1 Phpgurukul | 1 Cyber Cafe Management System | 2025-05-30 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability was found in PHPGurukul/Campcodes Cyber Cafe Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /add-users.php. The manipulation of the argument uadd leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-51360 | 1 Phpgurukul | 1 Hospital Management System | 2025-05-29 | N/A | 9.8 CRITICAL |
| An issue in Hospital Management System In PHP V4.0 allows a remote attacker to execute arbitrary code via the hms/doctor/edit-profile.php file | |||||
| CVE-2024-51101 | 1 Phpgurukul | 1 Restaurant Table Booking System | 2025-05-29 | N/A | 9.8 CRITICAL |
| PHPGURUKUL Restaurant Table Booking System using PHP and MySQL v1.0 was discovered to contain a SQL injection vulnerability via the searchdata parameter at /rtbs/check-status.php. | |||||
| CVE-2024-48702 | 1 Phpgurukul | 1 Old Age Home Management System | 2025-05-29 | N/A | 5.4 MEDIUM |
| PHPGurukul Old Age Home Management System v1.0 is vulnerable to HTML Injection via the searchdata parameter. | |||||
| CVE-2021-28423 | 1 Phpgurukul | 1 Teachers Record Management System | 2025-05-28 | 6.5 MEDIUM | 8.8 HIGH |
| Multiple SQL Injection vulnerabilities in Teachers Record Management System 1.0 thru 2.1 allow remote authenticated users to execute arbitrary SQL commands via the 'editid' GET parameter in edit-subjects-detail.php, edit-teacher-detail.php, or the 'searchdata' POST parameter in search.php. | |||||