Filtered by vendor Phpgurukul
Subscriptions
Total
238 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2021-35387 | 1 Phpgurukul | 1 Hospital Management System | 2024-08-04 | 8.8 High |
Hospital Management System v 4.0 is vulnerable to SQL Injection via file:hospital/hms/admin/view-patient.php. | ||||
CVE-2021-33469 | 1 Phpgurukul | 1 Covid19 Testing Management System | 2024-08-03 | 4.8 Medium |
COVID19 Testing Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via the "Admin name" parameter. | ||||
CVE-2021-33470 | 1 Phpgurukul | 1 Covid19 Testing Management System | 2024-08-03 | 9.8 Critical |
COVID19 Testing Management System 1.0 is vulnerable to SQL Injection via the admin panel. | ||||
CVE-2021-28424 | 1 Phpgurukul | 1 Teachers Record Management System | 2024-08-03 | 5.4 Medium |
A stored cross-site scripting (XSS) vulnerability in Teachers Record Management System 1.0 allows remote authenticated users to inject arbitrary web script or HTML via the 'email' POST parameter in adminprofile.php. | ||||
CVE-2021-28423 | 1 Phpgurukul | 1 Teachers Record Management System | 2024-08-03 | 8.8 High |
Multiple SQL Injection vulnerabilities in Teachers Record Management System 1.0 allow remote authenticated users to execute arbitrary SQL commands via the 'editid' GET parameter in edit-subjects-detail.php, edit-teacher-detail.php, or the 'searchdata' POST parameter in search.php. | ||||
CVE-2021-27822 | 1 Phpgurukul | 1 Vehicle Parking Management System | 2024-08-03 | 4.8 Medium |
A persistent cross site scripting (XSS) vulnerability in the Add Categories module of Vehicle Parking Management System 1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the Category field. | ||||
CVE-2021-27545 | 1 Phpgurukul | 1 Beauty Parlour Management System | 2024-08-03 | 6.5 Medium |
SQL Injection in the "add-services.php" component of PHPGurukul Beauty Parlour Management System v1.0 allows remote attackers to obtain sensitive database information by injecting SQL commands into the "sername" parameter. | ||||
CVE-2021-27544 | 1 Phpgurukul | 1 Beauty Parlour Management System | 2024-08-03 | 4.8 Medium |
Cross Site Scripting (XSS) in the "add-services.php" component of PHPGurukul Beauty Parlour Management System v1.0 allows remote attackers to execute arbitrary code by injecting arbitrary HTML into the "sername" parameter. | ||||
CVE-2021-26809 | 1 Phpgurukul | 1 Car Rental Portal | 2024-08-03 | 9.8 Critical |
PHPGurukul Car Rental Project version 2.0 suffers from a remote shell upload vulnerability in changeimage1.php. | ||||
CVE-2021-26822 | 1 Phpgurukul | 1 Teachers Record Management System | 2024-08-03 | 9.8 Critical |
Teachers Record Management System 1.0 is affected by a SQL injection vulnerability in 'searchteacher' POST parameter in search-teacher.php. This vulnerability can be exploited by a remote unauthenticated attacker to leak sensitive information and perform code execution attacks. | ||||
CVE-2021-26764 | 1 Phpgurukul | 1 Student Record System | 2024-08-03 | 8.8 High |
SQL injection vulnerability in PHPGurukul Student Record System v 4.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to edit-std.php. | ||||
CVE-2021-26762 | 1 Phpgurukul | 1 Student Record System | 2024-08-03 | 8.8 High |
SQL injection vulnerability in PHPGurukul Student Record System 4.0 allows remote attackers to execute arbitrary SQL statements, via the cid parameter to edit-course.php. | ||||
CVE-2021-26765 | 1 Phpgurukul | 1 Student Record System | 2024-08-03 | 9.8 Critical |
SQL injection vulnerability in PHPGurukul Student Record System 4.0 allows remote attackers to execute arbitrary SQL statements, via the sid parameter to edit-sub.php. | ||||
CVE-2021-26303 | 1 Phpgurukul | 1 Daily Expense Tracker System | 2024-08-03 | 6.1 Medium |
PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to stored XSS via the user-profile.php Full Name field. | ||||
CVE-2021-26304 | 1 Phpgurukul | 1 Daily Expense Tracker System | 2024-08-03 | 5.4 Medium |
PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to stored XSS via the add-expense.php Item parameter. | ||||
CVE-2021-4232 | 1 Phpgurukul | 1 Zoo Management System | 2024-08-03 | 3.5 Low |
A vulnerability classified as problematic has been found in Zoo Management System 1.0. Affected is an unknown function of the file admin/manage-ticket.php. The manipulation with the input <script>alert(1)</script> leads to cross site scripting. It is possible to launch the attack remotely. | ||||
CVE-2022-47102 | 1 Phpgurukul | 1 Student Study Center Management System | 2024-08-03 | 5.4 Medium |
A cross-site scripting (XSS) vulnerability in Student Study Center Management System V 1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the name parameter. | ||||
CVE-2022-46128 | 1 Phpgurukul | 1 Doctor Appointment Management System | 2024-08-03 | 6.1 Medium |
phpgurukul Doctor Appointment Management System V 1.0.0 is vulnerable to Cross Site Scripting (XSS) via searchdata=. | ||||
CVE-2022-45730 | 1 Phpgurukul | 1 Doctor Appointment Management System | 2024-08-03 | 6.1 Medium |
A cross-site scripting (XSS) vulnerability in Doctor Appointment Management System v1.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Search function. | ||||
CVE-2022-45729 | 1 Phpgurukul | 1 Doctor Appointment Management System | 2024-08-03 | 6.1 Medium |
A cross-site scripting (XSS) vulnerability in Doctor Appointment Management System v1.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Employee ID parameter. |