Filtered by vendor Phpgurukul
Subscribe
Total
272 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-33470 | 1 Phpgurukul | 1 Covid19 Testing Management System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| COVID19 Testing Management System 1.0 is vulnerable to SQL Injection via the admin panel. | |||||
| CVE-2021-33469 | 1 Phpgurukul | 1 Covid19 Testing Management System | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
| COVID19 Testing Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via the "Admin name" parameter. | |||||
| CVE-2021-28424 | 1 Phpgurukul | 1 Teachers Record Management System | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| A stored cross-site scripting (XSS) vulnerability in Teachers Record Management System 1.0 allows remote authenticated users to inject arbitrary web script or HTML via the 'email' POST parameter in adminprofile.php. | |||||
| CVE-2021-28423 | 1 Phpgurukul | 1 Teachers Record Management System | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| Multiple SQL Injection vulnerabilities in Teachers Record Management System 1.0 allow remote authenticated users to execute arbitrary SQL commands via the 'editid' GET parameter in edit-subjects-detail.php, edit-teacher-detail.php, or the 'searchdata' POST parameter in search.php. | |||||
| CVE-2021-27822 | 1 Phpgurukul | 1 Vehicle Parking Management System | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
| A persistent cross site scripting (XSS) vulnerability in the Add Categories module of Vehicle Parking Management System 1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the Category field. | |||||
| CVE-2021-27545 | 1 Phpgurukul | 1 Beauty Parlour Management System | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| SQL Injection in the "add-services.php" component of PHPGurukul Beauty Parlour Management System v1.0 allows remote attackers to obtain sensitive database information by injecting SQL commands into the "sername" parameter. | |||||
| CVE-2021-27544 | 1 Phpgurukul | 1 Beauty Parlour Management System | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
| Cross Site Scripting (XSS) in the "add-services.php" component of PHPGurukul Beauty Parlour Management System v1.0 allows remote attackers to execute arbitrary code by injecting arbitrary HTML into the "sername" parameter. | |||||
| CVE-2021-26822 | 1 Phpgurukul | 1 Teachers Record Management System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Teachers Record Management System 1.0 is affected by a SQL injection vulnerability in 'searchteacher' POST parameter in search-teacher.php. This vulnerability can be exploited by a remote unauthenticated attacker to leak sensitive information and perform code execution attacks. | |||||
| CVE-2021-26809 | 1 Phpgurukul | 1 Car Rental Portal | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| PHPGurukul Car Rental Project version 2.0 suffers from a remote shell upload vulnerability in changeimage1.php. | |||||
| CVE-2021-26765 | 1 Phpgurukul | 1 Student Record System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| SQL injection vulnerability in PHPGurukul Student Record System 4.0 allows remote attackers to execute arbitrary SQL statements, via the sid parameter to edit-sub.php. | |||||
| CVE-2021-26764 | 1 Phpgurukul | 1 Student Record System | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| SQL injection vulnerability in PHPGurukul Student Record System v 4.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to edit-std.php. | |||||
| CVE-2021-26762 | 1 Phpgurukul | 1 Student Record System | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| SQL injection vulnerability in PHPGurukul Student Record System 4.0 allows remote attackers to execute arbitrary SQL statements, via the cid parameter to edit-course.php. | |||||
| CVE-2021-26304 | 1 Phpgurukul | 1 Daily Expense Tracker System | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to stored XSS via the add-expense.php Item parameter. | |||||
| CVE-2021-26303 | 1 Phpgurukul | 1 Daily Expense Tracker System | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to stored XSS via the user-profile.php Full Name field. | |||||
| CVE-2020-5510 | 1 Phpgurukul | 1 Hostel Management System | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| PHPGurukul Hostel Management System v2.0 allows SQL injection via the id parameter in the full-profile.php file. | |||||
| CVE-2020-5509 | 1 Phpgurukul | 1 Car Rental Portal | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| PHPGurukul Car Rental Project v1.0 allows Remote Code Execution via an executable file in an upload of a new profile image. | |||||
| CVE-2020-5308 | 1 Phpgurukul | 1 Dairy Farm Shop Management System | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| PHPGurukul Dairy Farm Shop Management System 1.0 is vulnerable to XSS, as demonstrated by the category and CategoryCode parameters in add-category.php, the CompanyName parameter in add-company.php, and the ProductName parameter in add-product.php. | |||||
| CVE-2020-5307 | 1 Phpgurukul | 1 Dairy Farm Shop Management System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| PHPGurukul Dairy Farm Shop Management System 1.0 is vulnerable to SQL injection, as demonstrated by the username parameter in index.php, the category and CategoryCode parameters in add-category.php, the CompanyName parameter in add-company.php, and the ProductName and ProductPrice parameters in add-product.php. | |||||
| CVE-2020-5193 | 1 Phpgurukul | 1 Hospital Management System | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| PHPGurukul Hospital Management System in PHP v4.0 suffers from multiple reflected XSS vulnerabilities via the searchdata or Doctorspecialization parameter. | |||||
| CVE-2020-5192 | 1 Phpgurukul | 1 Hospital Management System | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| PHPGurukul Hospital Management System in PHP v4.0 suffers from multiple SQL injection vulnerabilities: multiple pages and parameters are not validating user input, and allow for the application's database and information to be fully compromised. | |||||