Filtered by vendor Phpgurukul
Subscriptions
Total
238 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-22165 | 1 Phpgurukul | 1 Hospital Management System | 2024-08-04 | 7.5 High |
| PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\user-login.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information. | ||||
| CVE-2020-22175 | 1 Phpgurukul | 1 Hospital Management System | 2024-08-04 | 7.5 High |
| PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\admin\betweendates-detailsreports.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information. | ||||
| CVE-2020-22172 | 1 Phpgurukul | 1 Hospital Management System | 2024-08-04 | 7.5 High |
| PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\get_doctor.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information. | ||||
| CVE-2020-22171 | 1 Phpgurukul | 1 Hospital Management System | 2024-08-04 | 7.5 High |
| PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\registration.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information. | ||||
| CVE-2020-22169 | 1 Phpgurukul | 1 Hospital Management System | 2024-08-04 | 7.5 High |
| PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\appointment-history.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information. | ||||
| CVE-2020-22166 | 1 Phpgurukul | 1 Hospital Management System | 2024-08-04 | 7.5 High |
| PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\forgot-password.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information. | ||||
| CVE-2020-22173 | 1 Phpgurukul | 1 Hospital Management System | 2024-08-04 | 7.5 High |
| PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\edit-profile.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information. | ||||
| CVE-2020-22170 | 1 Phpgurukul | 1 Hospital Management System | 2024-08-04 | 7.5 High |
| PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\get_doctor.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information. | ||||
| CVE-2020-22167 | 1 Phpgurukul | 1 Hospital Management System | 2024-08-04 | 5.4 Medium |
| PHPGurukul Hospital Management System in PHP v4.0 has a Persistent Cross-Site Scripting vulnerability in \hms\admin\appointment-history.php. Remote registered users can exploit the vulnerability to obtain user cookie data. | ||||
| CVE-2020-22176 | 1 Phpgurukul | 1 Hospital Management System | 2024-08-04 | 7.5 High |
| PHPGurukul Hospital Management System in PHP v4.0 has a sensitive information disclosure vulnerability in multiple areas. Remote unauthenticated users can exploit the vulnerability to obtain user sensitive information. | ||||
| CVE-2020-22164 | 1 Phpgurukul | 1 Hospital Management System | 2024-08-04 | 7.5 High |
| PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\check_availability.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information. | ||||
| CVE-2020-12429 | 1 Phpgurukul | 1 Online Course Registration | 2024-08-04 | 9.8 Critical |
| Online Course Registration 2.0 has multiple SQL injections that would can lead to a complete database compromise and authentication bypass in the login pages: admin/change-password.php, admin/check_availability.php, admin/index.php, change-password.php, check_availability.php, includes/header.php, index.php, and pincode-verification.php. | ||||
| CVE-2020-10224 | 1 Phpgurukul | 1 Online Book Store | 2024-08-04 | 9.8 Critical |
| An unauthenticated file upload vulnerability has been identified in admin_add.php in PHPGurukul Online Book Store 1.0. The vulnerability could be exploited by an unauthenticated remote attacker to upload content to the server, including PHP files, which could result in command execution. | ||||
| CVE-2020-10225 | 1 Phpgurukul | 1 Job Portal | 2024-08-04 | 9.8 Critical |
| An unauthenticated file upload vulnerability has been identified in admin/gallery.php in PHPGurukul Job Portal 1.0. The vulnerability could be exploited by an unauthenticated remote attacker to upload content to the server, including PHP files, which could result in command execution. | ||||
| CVE-2020-10107 | 1 Phpgurukul | 1 Daily Expense Tracker System | 2024-08-04 | 5.4 Medium |
| PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to stored XSS, as demonstrated by the ExpenseItem or ExpenseCost parameter in manage-expense.php. | ||||
| CVE-2020-10106 | 1 Phpgurukul | 1 Daily Expense Tracker System | 2024-08-04 | 9.8 Critical |
| PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to SQL injection, as demonstrated by the email parameter in index.php or register.php. The SQL injection allows to dump the MySQL database and to bypass the login prompt. | ||||
| CVE-2020-5509 | 1 Phpgurukul | 1 Car Rental Portal | 2024-08-04 | 7.2 High |
| PHPGurukul Car Rental Project v1.0 allows Remote Code Execution via an executable file in an upload of a new profile image. | ||||
| CVE-2020-5510 | 1 Phpgurukul | 1 Hostel Management System | 2024-08-04 | 9.8 Critical |
| PHPGurukul Hostel Management System v2.0 allows SQL injection via the id parameter in the full-profile.php file. | ||||
| CVE-2020-5307 | 1 Phpgurukul | 1 Dairy Farm Shop Management System | 2024-08-04 | 9.8 Critical |
| PHPGurukul Dairy Farm Shop Management System 1.0 is vulnerable to SQL injection, as demonstrated by the username parameter in index.php, the category and CategoryCode parameters in add-category.php, the CompanyName parameter in add-company.php, and the ProductName and ProductPrice parameters in add-product.php. | ||||
| CVE-2020-5308 | 1 Phpgurukul | 1 Dairy Farm Shop Management System | 2024-08-04 | 6.1 Medium |
| PHPGurukul Dairy Farm Shop Management System 1.0 is vulnerable to XSS, as demonstrated by the category and CategoryCode parameters in add-category.php, the CompanyName parameter in add-company.php, and the ProductName parameter in add-product.php. | ||||