Filtered by vendor Phpgurukul
Subscribe
Total
1050 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-26809 | 1 Phpgurukul | 1 Car Rental Portal | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
PHPGurukul Car Rental Project version 2.0 suffers from a remote shell upload vulnerability in changeimage1.php.
|
|||||
| CVE-2021-26765 | 1 Phpgurukul | 1 Student Record System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
SQL injection vulnerability in PHPGurukul Student Record System 4.0 allows remote attackers to execute arbitrary SQL statements, via the sid parameter to edit-sub.php.
|
|||||
| CVE-2021-26764 | 1 Phpgurukul | 1 Student Record System | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
SQL injection vulnerability in PHPGurukul Student Record System v 4.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to edit-std.php.
|
|||||
| CVE-2021-26762 | 1 Phpgurukul | 1 Student Record System | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
SQL injection vulnerability in PHPGurukul Student Record System 4.0 allows remote attackers to execute arbitrary SQL statements, via the cid parameter to edit-course.php.
|
|||||
| CVE-2021-26304 | 1 Phpgurukul | 1 Daily Expense Tracker System | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
|
PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to stored XSS via the add-expense.php Item parameter.
|
|||||
| CVE-2021-26303 | 1 Phpgurukul | 1 Daily Expense Tracker System | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
|
PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to stored XSS via the user-profile.php Full Name field.
|
|||||
| CVE-2020-5509 | 1 Phpgurukul | 1 Car Rental Portal | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
|
PHPGurukul Car Rental Project v1.0 allows Remote Code Execution via an executable file in an upload of a new profile image.
|
|||||
| CVE-2020-5308 | 1 Phpgurukul | 1 Dairy Farm Shop Management System | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
|
PHPGurukul Dairy Farm Shop Management System 1.0 is vulnerable to XSS, as demonstrated by the category and CategoryCode parameters in add-category.php, the CompanyName parameter in add-company.php, and the ProductName parameter in add-product.php.
|
|||||
| CVE-2020-5307 | 1 Phpgurukul | 1 Dairy Farm Shop Management System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
PHPGurukul Dairy Farm Shop Management System 1.0 is vulnerable to SQL injection, as demonstrated by the username parameter in index.php, the category and CategoryCode parameters in add-category.php, the CompanyName parameter in add-company.php, and the ProductName and ProductPrice parameters in add-product.php.
|
|||||
| CVE-2020-5193 | 1 Phpgurukul | 1 Hospital Management System | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
|
PHPGurukul Hospital Management System in PHP v4.0 suffers from multiple reflected XSS vulnerabilities via the searchdata or Doctorspecialization parameter.
|
|||||
| CVE-2020-5192 | 1 Phpgurukul | 1 Hospital Management System | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
PHPGurukul Hospital Management System in PHP v4.0 suffers from multiple SQL injection vulnerabilities: multiple pages and parameters are not validating user input, and allow for the application's database and information to be fully compromised.
|
|||||
| CVE-2020-5191 | 1 Phpgurukul | 1 Hospital Management System | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
|
PHPGurukul Hospital Management System in PHP v4.0 suffers from multiple Persistent XSS vulnerabilities.
|
|||||
| CVE-2020-36062 | 1 Phpgurukul | 1 Dairy Farm Shop Management System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
Dairy Farm Shop Management System v1.0 was discovered to contain hardcoded credentials in the source code which allows attackers access to the control panel if compromised.
|
|||||
| CVE-2020-35745 | 1 Phpgurukul | 1 Hospital Management System | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
PHPGURUKUL Hospital Management System V 4.0 does not properly restrict access to admin/dashboard.php, which allows attackers to access all data of users, doctors, patients, change admin password, get appointment history and access all session logs.
|
|||||
| CVE-2020-35427 | 1 Phpgurukul | 1 Employee Record Management System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
SQL injection vulnerability in PHPGurukul Employee Record Management System 1.1 allows remote attackers to execute arbitrary SQL commands and bypass authentication.
|
|||||
| CVE-2020-35151 | 1 Phpgurukul | 1 Online Marriage Registration System | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
The Online Marriage Registration System 1.0 post parameter "searchdata" in the user/search.php request is vulnerable to Time Based Sql Injection.
|
|||||
| CVE-2020-28136 | 1 Phpgurukul | 1 Tourism Management System | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
An Arbitrary File Upload is discovered in SourceCodester Tourism Management System 1.0 allows the user to conduct remote code execution via admin/create-package.php vulnerable page.
|
|||||
| CVE-2020-26052 | 1 Phpgurukul | 1 Online Marriage Registration System | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
|
Online Marriage Registration System 1.0 is affected by stored cross-site scripting (XSS) vulnerabilities in multiple parameters.
|
|||||
| CVE-2020-25487 | 1 Phpgurukul | 1 Zoo Management System | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
PHPGURUKUL Zoo Management System Using PHP and MySQL version 1.0 is affected by: SQL Injection via zms/animal-detail.php.
|
|||||
| CVE-2020-25271 | 1 Phpgurukul | 1 Hospital Management System | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
|
PHPGurukul hospital-management-system-in-php 4.0 allows XSS via admin/patient-search.php, doctor/search.php, book-appointment.php, doctor/appointment-history.php, or admin/appointment-history.php.
|
|||||
| CVE-2020-25270 | 1 Phpgurukul | 1 Hostel Management System | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
|
PHPGurukul hostel-management-system 2.1 allows XSS via Guardian Name, Guardian Relation, Guardian Contact no, Address, or City.
|
|||||
| CVE-2020-23936 | 1 Phpgurukul | 1 Vehicle Parking Management System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
PHPGurukul Vehicle Parking Management System 1.0 is vulnerable to Authentication Bypass via "Username: admin'# && Password: (Write Something)".
|
|||||
| CVE-2020-23466 | 1 Phpgurukul | 1 Online Marriage Registration System | 2024-11-21 | N/A | 5.4 MEDIUM |
|
Cross Site Scripting (XSS) vulnerability exists in the phpgurukul Online Marriage Registration System 1.0 allows attackers to run arbitrary code via the wzipcode field.
|
|||||
| CVE-2020-22176 | 1 Phpgurukul | 1 Hospital Management System | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
PHPGurukul Hospital Management System in PHP v4.0 has a sensitive information disclosure vulnerability in multiple areas. Remote unauthenticated users can exploit the vulnerability to obtain user sensitive information.
|
|||||
| CVE-2020-22175 | 1 Phpgurukul | 1 Hospital Management System | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\admin\betweendates-detailsreports.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information.
|
|||||
| CVE-2020-22174 | 1 Phpgurukul | 1 Hospital Management System | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\book-appointment.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information.
|
|||||
| CVE-2020-22173 | 1 Phpgurukul | 1 Hospital Management System | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\edit-profile.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information.
|
|||||
| CVE-2020-22172 | 1 Phpgurukul | 1 Hospital Management System | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\get_doctor.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information.
|
|||||
| CVE-2020-22171 | 1 Phpgurukul | 1 Hospital Management System | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\registration.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information.
|
|||||
| CVE-2020-22170 | 1 Phpgurukul | 1 Hospital Management System | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\get_doctor.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information.
|
|||||
| CVE-2020-22169 | 1 Phpgurukul | 1 Hospital Management System | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\appointment-history.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information.
|
|||||
| CVE-2020-22168 | 1 Phpgurukul | 1 Hospital Management System | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\change-emaild.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information.
|
|||||
| CVE-2020-22167 | 1 Phpgurukul | 1 Hospital Management System | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
|
PHPGurukul Hospital Management System in PHP v4.0 has a Persistent Cross-Site Scripting vulnerability in \hms\admin\appointment-history.php. Remote registered users can exploit the vulnerability to obtain user cookie data.
|
|||||
| CVE-2020-22166 | 1 Phpgurukul | 1 Hospital Management System | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\forgot-password.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information.
|
|||||
| CVE-2020-22165 | 1 Phpgurukul | 1 Hospital Management System | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\user-login.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information.
|
|||||
| CVE-2020-22164 | 1 Phpgurukul | 1 Hospital Management System | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\check_availability.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information.
|
|||||
| CVE-2020-12429 | 1 Phpgurukul | 1 Online Course Registration | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
Online Course Registration 2.0 has multiple SQL injections that would can lead to a complete database compromise and authentication bypass in the login pages: admin/change-password.php, admin/check_availability.php, admin/index.php, change-password.php, check_availability.php, includes/header.php, index.php, and pincode-verification.php.
|
|||||
| CVE-2020-10225 | 1 Phpgurukul | 1 Job Portal | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
An unauthenticated file upload vulnerability has been identified in admin/gallery.php in PHPGurukul Job Portal 1.0. The vulnerability could be exploited by an unauthenticated remote attacker to upload content to the server, including PHP files, which could result in command execution.
|
|||||
| CVE-2020-10224 | 1 Phpgurukul | 1 Online Book Store | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
An unauthenticated file upload vulnerability has been identified in admin_add.php in PHPGurukul Online Book Store 1.0. The vulnerability could be exploited by an unauthenticated remote attacker to upload content to the server, including PHP files, which could result in command execution.
|
|||||
| CVE-2020-10107 | 1 Phpgurukul | 1 Daily Expense Tracker System | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
|
PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to stored XSS, as demonstrated by the ExpenseItem or ExpenseCost parameter in manage-expense.php.
|
|||||