Filtered by vendor Phpgurukul
Subscribe
Total
234 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-31914 | 1 Phpgurukul | 1 Zoo Management System | 2024-02-28 | 3.5 LOW | 5.4 MEDIUM |
Zoo Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via zms/admin/public_html/save_animal?an_id=24. | |||||
CVE-2022-29007 | 1 Phpgurukul | 1 Dairy Farm Shop Management System | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
Multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel of Dairy Farm Shop Management System v1.0 allows attackers to bypass authentication. | |||||
CVE-2022-31384 | 1 Phpgurukul | 1 Directory Management System | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
Directory Management System v1.0 was discovered to contain a SQL injection vulnerability via the fullname parameter in add-directory.php. | |||||
CVE-2022-29009 | 1 Phpgurukul | 1 Cyber Cafe Management System | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
Multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel of Cyber Cafe Management System Project v1.0 allows attackers to bypass authentication. | |||||
CVE-2022-31383 | 1 Phpgurukul | 1 Directory Management System | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
Directory Management System v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in view-directory.php. | |||||
CVE-2022-31382 | 1 Phpgurukul | 1 Directory Management System | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
Directory Management System v1.0 was discovered to contain a SQL injection vulnerability via the searchdata parameter in search-dirctory.php. | |||||
CVE-2022-27992 | 1 Phpgurukul | 1 Zoo Management System | 2024-02-28 | 6.5 MEDIUM | 8.8 HIGH |
Zoo Management System v1.0 was discovered to contain a SQL injection vulnerability at /public_html/animals via the class_id parameter. | |||||
CVE-2022-31897 | 1 Phpgurukul | 1 Zoo Management System | 2024-02-28 | 4.3 MEDIUM | 6.1 MEDIUM |
SourceCodester Zoo Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via public_html/register_visitor?msg=. | |||||
CVE-2022-29006 | 1 Phpgurukul | 1 Directory Management System | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
Multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel of Directory Management System v1.0 allows attackers to bypass authentication. | |||||
CVE-2022-30930 | 1 Phpgurukul | 1 Tourism Management System | 2024-02-28 | 4.3 MEDIUM | 4.3 MEDIUM |
Tourism Management System Version: V 3.2 is affected by: Cross Site Request Forgery (CSRF). | |||||
CVE-2020-36062 | 1 Phpgurukul | 1 Dairy Farm Shop Management System | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
Dairy Farm Shop Management System v1.0 was discovered to contain hardcoded credentials in the source code which allows attackers access to the control panel if compromised. | |||||
CVE-2021-46110 | 1 Phpgurukul | 1 Online Shopping Portal | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
Online Shopping Portal v3.1 was discovered to contain multiple time-based SQL injection vulnerabilities via the email and contactno parameters. | |||||
CVE-2021-44965 | 1 Phpgurukul | 1 Employee Record Management System | 2024-02-28 | 7.8 HIGH | 7.5 HIGH |
Directory traversal vulnerability in /admin/includes/* directory for PHPGURUKUL Employee Record Management System 1.2 The attacker can retrieve and download sensitive information from the vulnerable server. | |||||
CVE-2021-44966 | 1 Phpgurukul | 1 Employee Record Management System | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
SQL injection bypass authentication vulnerability in PHPGURUKUL Employee Record Management System 1.2 via index.php. An attacker can log in as an admin account of this system and can destroy, change or manipulate all sensitive information on the system. | |||||
CVE-2022-24263 | 1 Phpgurukul | 1 Hospital Management System | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
Hospital Management System v4.0 was discovered to contain a SQL injection vulnerability in /Hospital-Management-System-master/func.php via the email parameter. | |||||
CVE-2021-42223 | 1 Phpgurukul | 1 Online Dj Booking Management System | 2024-02-28 | 4.3 MEDIUM | 6.1 MEDIUM |
Cross Site Scripting (XSS).vulnerability exists in Online DJ Booking Management System 1.0 in view-booking-detail.php. | |||||
CVE-2021-37808 | 1 Phpgurukul | 1 News Portal | 2024-02-28 | 4.3 MEDIUM | 5.9 MEDIUM |
SQL Injection vulnerabilities exist in https://phpgurukul.com News Portal Project 3.1 via the (1) category, (2) subcategory, (3) sucatdescription, and (4) username parameters, the server response is about (N) seconds delay respectively which mean it is vulnerable to MySQL Blind (Time Based). An attacker can use sqlmap to further the exploitation for extracting sensitive information from the database. | |||||
CVE-2021-43451 | 1 Phpgurukul | 1 Employee Record Management System | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
SQL Injection vulnerability exists in PHPGURUKUL Employee Record Management System 1.2 via the Email POST parameter in /forgetpassword.php. | |||||
CVE-2021-39411 | 1 Phpgurukul | 1 Hospital Management System | 2024-02-28 | 4.3 MEDIUM | 6.1 MEDIUM |
Multiple Cross Site Scripting (XSS) vulnerabilities exist in PHPGurukul Hospital Management System 4.0 via the (1) searchdata parameter in (a) doctor/search.php and (b) admin/patient-search.php, and the (2) fromdate and (3) todate parameters in admin/betweendates-detailsreports.php. | |||||
CVE-2021-44317 | 1 Phpgurukul | 1 Bus Pass Management System | 2024-02-28 | 3.5 LOW | 5.4 MEDIUM |
In Bus Pass Management System v1.0, parameters 'pagedes' and `About Us` are affected with a Stored Cross-site scripting vulnerability. |