Filtered by vendor Phpgurukul
Subscribe
Filtered by product Park Ticketing Management System
Subscribe
Total
15 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-4808 | 1 Phpgurukul | 1 Park Ticketing Management System | 2025-05-21 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability was found in PHPGurukul Park Ticketing Management System 2.0 and classified as critical. This issue affects some unknown processing of the file /add-normal-ticket.php. The manipulation of the argument noadult/nochildren/aprice/cprice leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. | |||||
| CVE-2025-4781 | 1 Phpgurukul | 1 Park Ticketing Management System | 2025-05-21 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability classified as critical has been found in PHPGurukul Park Ticketing Management System 2.0. Affected is an unknown function of the file /forgot-password.php. The manipulation of the argument email/contactno leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-4777 | 1 Phpgurukul | 1 Park Ticketing Management System | 2025-05-21 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability was found in PHPGurukul Park Ticketing Management System 2.0. It has been classified as critical. This affects an unknown part of the file /view-foreigner-ticket.php. The manipulation of the argument viewid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-45020 | 1 Phpgurukul | 1 Park Ticketing Management System | 2025-05-09 | N/A | 7.2 HIGH |
| A SQL Injection vulnerability was discovered in the normal-bwdates-reports-details.php file of PHPGurukul Park Ticketing Management System v2.0. This vulnerability allows remote attackers to execute arbitrary SQL code via the todate parameter in a POST request. | |||||
| CVE-2025-45009 | 1 Phpgurukul | 1 Park Ticketing Management System | 2025-05-09 | N/A | 5.3 MEDIUM |
| A HTML Injection vulnerability was discovered in the normal-search.php file of PHPGurukul Park Ticketing Management System v2.0. This vulnerability allows remote attackers to execute arbitrary code via the searchdata parameter. | |||||
| CVE-2025-45010 | 1 Phpgurukul | 1 Park Ticketing Management System | 2025-05-09 | N/A | 5.3 MEDIUM |
| A HTML Injection vulnerability was discovered in the normal-bwdates-reports-details.php file of PHPGurukul Park Ticketing Management System v2.0. This vulnerability allows remote attackers to execute arbitrary code via the fromdate and todate POST request parameters. | |||||
| CVE-2025-45011 | 1 Phpgurukul | 1 Park Ticketing Management System | 2025-05-09 | N/A | 5.3 MEDIUM |
| A HTML Injection vulnerability was discovered in the foreigner-search.php file of PHPGurukul Park Ticketing Management System v2.0. This vulnerability allows remote attackers to execute arbitrary code via the searchdata POST request parameter. | |||||
| CVE-2025-45015 | 1 Phpgurukul | 1 Park Ticketing Management System | 2025-05-09 | N/A | 6.1 MEDIUM |
| A Cross-Site Scripting (XSS) vulnerability was discovered in the foreigner-bwdates-reports-details.php file of PHPGurukul Park Ticketing Management System v2.0. The vulnerability allows remote attackers to inject arbitrary JavaScript code via the fromdate and todate parameters. | |||||
| CVE-2025-45017 | 1 Phpgurukul | 1 Park Ticketing Management System | 2025-05-09 | N/A | 9.8 CRITICAL |
| A SQL injection vulnerability was discovered in edit-ticket.php of PHPGurukul Park Ticketing Management System v2.0. This vulnerability allows remote attackers to execute arbitrary code via the tprice POST request parameter. | |||||
| CVE-2025-45018 | 1 Phpgurukul | 1 Park Ticketing Management System | 2025-05-09 | N/A | 9.8 CRITICAL |
| A SQL Injection vulnerability was discovered in the foreigner-bwdates-reports-details.php file of PHPGurukul Park Ticketing Management System v2.0. This vulnerability allows remote attackers to execute arbitrary SQL code via the todate parameter. | |||||
| CVE-2025-45019 | 1 Phpgurukul | 1 Park Ticketing Management System | 2025-05-09 | N/A | 5.4 MEDIUM |
| A SQL injection vulnerability was discovered in /add-foreigners-ticket.php file of PHPGurukul Park Ticketing Management System v2.0. This vulnerability allows remote attackers to execute arbitrary code via the cprice POST request parameter. | |||||
| CVE-2025-4153 | 1 Phpgurukul | 1 Park Ticketing Management System | 2025-05-07 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability classified as critical was found in PHPGurukul Park Ticketing Management System 2.0. Affected by this vulnerability is an unknown functionality of the file /profile.php. The manipulation of the argument adminname leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-54811 | 1 Phpgurukul | 1 Park Ticketing Management System | 2025-04-03 | N/A | 9.8 CRITICAL |
| A SQL injection vulnerability in /index.php in PHPGurukul Park Ticketing Management System v1.0 allows an attacker to execute arbitrary SQL commands via the "login" parameter. | |||||
| CVE-2023-26959 | 1 Phpgurukul | 1 Park Ticketing Management System | 2024-11-21 | N/A | 9.8 CRITICAL |
| Phpgurukul Park Ticketing Management System 1.0 is vulnerable to SQL Injection via the User Name parameter. | |||||
| CVE-2023-26958 | 1 Phpgurukul | 1 Park Ticketing Management System | 2024-11-21 | N/A | 4.8 MEDIUM |
| Phpgurukul Park Ticketing Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via the Admin Name parameter. | |||||