Filtered by vendor Phpgurukul
Subscriptions
Total
301 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2024-51208 | 1 Phpgurukul | 1 Boat Booking System | 2024-11-23 | 7.2 High |
File Upload vulnerability in change-image.php in Anuj Kumar's Boat Booking System version 1.0 allows local attackers to upload a malicious PHP script via the Image Upload Mechanism parameter. | ||||
CVE-2023-6465 | 1 Phpgurukul | 1 Nipah Virus Testing Management System | 2024-11-21 | 4.3 Medium |
A vulnerability was found in PHPGurukul Nipah Virus Testing Management System 1.0. It has been classified as problematic. This affects an unknown part of the file registered-user-testing.php. The manipulation of the argument regmobilenumber leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-246615. | ||||
CVE-2024-39090 | 1 Phpgurukul | 1 Online Shopping Portal | 2024-11-21 | 6.1 Medium |
The PHPGurukul Online Shopping Portal Project version 2.0 contains a vulnerability that allows Cross-Site Request Forgery (CSRF) to lead to Stored Cross-Site Scripting (XSS). An attacker can exploit this vulnerability to execute arbitrary JavaScript code in the context of a user's session, potentially leading to account takeover. | ||||
CVE-2024-37798 | 1 Phpgurukul | 1 Beauty Parlour Management System | 2024-11-21 | 5.9 Medium |
Cross-site scripting (XSS) vulnerability in search-appointment.php in the Admin Panel in Phpgurukul Beauty Parlour Management System 1.0 allows remote attackers to inject arbitrary web script or HTML via the search input field. | ||||
CVE-2024-32254 | 1 Phpgurukul | 1 Tourism Management System | 2024-11-21 | 8.8 High |
Phpgurukul Tourism Management System v2.0 is vulnerable to Unrestricted Upload of File with Dangerous Type via tms/admin/create-package.php. When creating a new package, there is no checks for what types of files are uploaded from the image. | ||||
CVE-2024-0652 | 1 Phpgurukul | 1 Company Visitor Management System | 2024-11-21 | 3.5 Low |
A vulnerability was found in PHPGurukul Company Visitor Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file search-visitor.php. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-251378 is the identifier assigned to this vulnerability. | ||||
CVE-2024-0651 | 1 Phpgurukul | 1 Company Visitor Management System | 2024-11-21 | 6.3 Medium |
A vulnerability was found in PHPGurukul Company Visitor Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file search-visitor.php. The manipulation leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-251377 was assigned to this vulnerability. | ||||
CVE-2024-0476 | 1 Phpgurukul | 1 Blood Bank \& Donor Management System | 2024-11-21 | 2.4 Low |
A vulnerability, which was classified as problematic, was found in Blood Bank & Donor Management 1.0. This affects an unknown part of the file request-received-bydonar.php. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-250581 was assigned to this vulnerability. | ||||
CVE-2024-0459 | 1 Phpgurukul | 1 Blood Bank \& Donor Management System | 2024-11-21 | 4.7 Medium |
A vulnerability has been found in Blood Bank & Donor Management 5.6 and classified as critical. This vulnerability affects unknown code of the file /admin/request-received-bydonar.php. The manipulation leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-250564. | ||||
CVE-2024-0364 | 1 Phpgurukul | 1 Hospital Management System | 2024-11-21 | 5.5 Medium |
A vulnerability, which was classified as critical, was found in PHPGurukul Hospital Management System 1.0. This affects an unknown part of the file admin/query-details.php. The manipulation of the argument adminremark leads to sql injection. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-250131. | ||||
CVE-2024-0363 | 1 Phpgurukul | 1 Hospital Management System | 2024-11-21 | 5.5 Medium |
A vulnerability, which was classified as critical, has been found in PHPGurukul Hospital Management System 1.0. Affected by this issue is some unknown functionality of the file admin/patient-search.php. The manipulation of the argument searchdata leads to sql injection. The exploit has been disclosed to the public and may be used. VDB-250130 is the identifier assigned to this vulnerability. | ||||
CVE-2024-0362 | 1 Phpgurukul | 1 Hospital Management System | 2024-11-21 | 5.5 Medium |
A vulnerability classified as critical was found in PHPGurukul Hospital Management System 1.0. Affected by this vulnerability is an unknown functionality of the file admin/change-password.php. The manipulation of the argument cpass leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier VDB-250129 was assigned to this vulnerability. | ||||
CVE-2024-0361 | 1 Phpgurukul | 1 Hospital Management System | 2024-11-21 | 5.5 Medium |
A vulnerability classified as critical has been found in PHPGurukul Hospital Management System 1.0. Affected is an unknown function of the file admin/contact.php. The manipulation of the argument mobnum leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-250128. | ||||
CVE-2024-0360 | 1 Phpgurukul | 1 Hospital Management System | 2024-11-21 | 5.5 Medium |
A vulnerability was found in PHPGurukul Hospital Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file admin/edit-doctor-specialization.php. The manipulation of the argument doctorspecilization leads to sql injection. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-250127. | ||||
CVE-2024-0355 | 1 Phpgurukul | 1 Dairy Farm Shop Management System | 2024-11-21 | 5.5 Medium |
A vulnerability, which was classified as critical, was found in PHPGurukul Dairy Farm Shop Management System up to 1.1. Affected is an unknown function of the file add-category.php. The manipulation of the argument category leads to sql injection. The exploit has been disclosed to the public and may be used. VDB-250122 is the identifier assigned to this vulnerability. | ||||
CVE-2024-0286 | 1 Phpgurukul | 1 Hospital Management System | 2024-11-21 | 4.3 Medium |
A vulnerability, which was classified as problematic, was found in PHPGurukul Hospital Management System 1.0. This affects an unknown part of the file index.php#contact_us of the component Contact Form. The manipulation of the argument Name/Email/Message leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-249843. | ||||
CVE-2023-7173 | 1 Phpgurukul | 1 Hospital Management System | 2024-11-21 | 4.3 Medium |
A vulnerability, which was classified as problematic, was found in PHPGurukul Hospital Management System 1.0. This affects an unknown part of the file registration.php. The manipulation of the argument First Name leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-249357 was assigned to this vulnerability. | ||||
CVE-2023-7172 | 1 Phpgurukul | 1 Hospital Management System | 2024-11-21 | 7.3 High |
A vulnerability, which was classified as critical, has been found in PHPGurukul Hospital Management System 1.0. Affected by this issue is some unknown functionality of the component Admin Dashboard. The manipulation leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-249356. | ||||
CVE-2023-7100 | 1 Phpgurukul | 1 Restaurant Table Booking System | 2024-11-21 | 6.3 Medium |
A vulnerability, which was classified as critical, was found in PHPGurukul Restaurant Table Booking System 1.0. Affected is an unknown function of the file /admin/bwdates-report-details.php. The manipulation of the argument fdate leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-248952. | ||||
CVE-2023-7099 | 1 Phpgurukul | 1 Nipah Virus Testing Management System | 2024-11-21 | 6.3 Medium |
A vulnerability, which was classified as critical, has been found in PHPGurukul Nipah Virus Testing Management System 1.0. This issue affects some unknown processing of the file bwdates-report-result.php. The manipulation of the argument fromdate leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-248951. |