Filtered by vendor Phpgurukul
Subscribe
Total
234 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-48720 | 1 Phpgurukul | 1 Student Result Management System | 2024-02-28 | N/A | 9.8 CRITICAL |
| Student Result Management System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'password' parameter of the login.php resource does not validate the characters received and they are sent unfiltered to the database. | |||||
| CVE-2023-46024 | 1 Phpgurukul | 1 Teacher Subject Allocation Management System | 2024-02-28 | N/A | 7.5 HIGH |
| SQL Injection vulnerability in index.php in phpgurukul Teacher Subject Allocation Management System 1.0 allows attackers to run arbitrary SQL commands and obtain sensitive information via the 'searchdata' parameter. | |||||
| CVE-2023-51978 | 1 Phpgurukul | 1 Art Gallery Management System | 2024-02-28 | N/A | 6.5 MEDIUM |
| In PHPGurukul Art Gallery Management System v1.1, "Update Artist Image" functionality of "imageid" parameter is vulnerable to SQL Injection. | |||||
| CVE-2023-48722 | 1 Phpgurukul | 1 Student Result Management System | 2024-02-28 | N/A | 9.8 CRITICAL |
| Student Result Management System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'class_name' parameter of the add_results.php resource does not validate the characters received and they are sent unfiltered to the database. | |||||
| CVE-2023-46025 | 1 Phpgurukul | 1 Teacher Subject Allocation Management System | 2024-02-28 | N/A | 4.9 MEDIUM |
| SQL Injection vulnerability in teacher-info.php in phpgurukul Teacher Subject Allocation Management System 1.0 allows attackers to obtain sensitive information via the 'editid' parameter. | |||||
| CVE-2020-26629 | 1 Phpgurukul | 1 Hospital Management System | 2024-02-28 | N/A | 9.8 CRITICAL |
| A JQuery Unrestricted Arbitrary File Upload vulnerability was discovered in Hospital Management System V4.0 which allows an unauthenticated attacker to upload any file to the server. | |||||
| CVE-2023-47446 | 1 Phpgurukul | 1 Pre-school Enrollment System | 2024-02-28 | N/A | 5.4 MEDIUM |
| Pre-School Enrollment version 1.0 is vulnerable to Cross Site Scripting (XSS) on the profile.php page via fullname parameter. | |||||
| CVE-2023-48718 | 1 Phpgurukul | 1 Student Result Management System | 2024-02-28 | N/A | 9.8 CRITICAL |
| Student Result Management System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'class_name' parameter of the add_students.php resource does not validate the characters received and they are sent unfiltered to the database. | |||||
| CVE-2020-26627 | 1 Phpgurukul | 1 Hospital Management System | 2024-02-28 | N/A | 4.9 MEDIUM |
| A Time-Based SQL Injection vulnerability was discovered in Hospital Management System V4.0 which can allow an attacker to dump database information via a crafted payload entered into the 'Admin Remark' parameter under the 'Contact Us Queries -> Unread Query' tab. | |||||
| CVE-2023-47445 | 1 Phpgurukul | 1 Pre-school Enrollment System | 2024-02-28 | N/A | 9.8 CRITICAL |
| Pre-School Enrollment version 1.0 is vulnerable to SQL Injection via the username parameter in preschool/admin/ page. | |||||
| CVE-2023-46026 | 1 Phpgurukul | 1 Teacher Subject Allocation Management System | 2024-02-28 | N/A | 4.8 MEDIUM |
| Cross Site Scripting (XSS) vulnerability in profile.php in phpgurukul Teacher Subject Allocation Management System 1.0 allows attackers to run arbitrary code via the 'adminname' and 'email' parameters. | |||||
| CVE-2023-48016 | 1 Phpgurukul | 1 Restaurant Table Booking System | 2024-02-28 | N/A | 7.5 HIGH |
| Restaurant Table Booking System V1.0 is vulnerable to SQL Injection in rtbs/admin/index.php via the username parameter. | |||||
| CVE-2020-26628 | 1 Phpgurukul | 1 Hospital Management System | 2024-02-28 | N/A | 6.1 MEDIUM |
| A Cross-Site Scripting (XSS) vulnerability was discovered in Hospital Management System V4.0 which allows an attacker to execute arbitrary web scripts or HTML code via a malicious payload appended to a username on the 'Edit Profile" page and triggered by another user visiting the profile. | |||||
| CVE-2020-26630 | 1 Phpgurukul | 1 Hospital Management System | 2024-02-28 | N/A | 4.9 MEDIUM |
| A Time-Based SQL Injection vulnerability was discovered in Hospital Management System V4.0 which can allow an attacker to dump database information via a special payload in the 'Doctor Specialization' field under the 'Go to Doctors' tab after logging in as an admin. | |||||
| CVE-2023-37772 | 1 Phpgurukul | 1 Online Shopping Portal | 2024-02-28 | N/A | 8.8 HIGH |
| Online Shopping Portal Project v3.1 was discovered to contain a SQL injection vulnerability via the Email parameter at /shopping/login.php. | |||||
| CVE-2023-37744 | 1 Phpgurukul | 1 Maid Hiring Management System | 2024-02-28 | N/A | 6.1 MEDIUM |
| Maid Hiring Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /admin/search-booking-request.php. | |||||
| CVE-2023-41575 | 1 Phpgurukul | 1 Blood Bank \& Donor Management System | 2024-02-28 | N/A | 5.4 MEDIUM |
| Multiple stored cross-site scripting (XSS) vulnerabilities in /bbdms/sign-up.php of Blood Bank & Donor Management v2.2 allow attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Full Name, Message, or Address parameters. | |||||
| CVE-2023-37685 | 1 Phpgurukul | 1 Online Nurse Hiring System | 2024-02-28 | N/A | 4.8 MEDIUM |
| Online Nurse Hiring System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability in the Search Report Page of the Admin portal. | |||||
| CVE-2023-36942 | 1 Phpgurukul | 1 Online Fire Reporting System | 2024-02-28 | N/A | 6.1 MEDIUM |
| A cross-site scripting (XSS) vulnerability in PHPGurukul Online Fire Reporting System Using PHP and MySQL 1.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the website title field. | |||||
| CVE-2023-46583 | 1 Phpgurukul | 1 Nipah Virus Testing Management System | 2024-02-28 | N/A | 6.1 MEDIUM |
| Cross-Site Scripting (XSS) vulnerability in PHPGurukul Nipah virus (NiV) " Testing Management System v.1.0 allows attackers to execute arbitrary code via a crafted payload injected into the State field. | |||||