Filtered by vendor Phpgurukul Subscriptions
Total 317 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-10701 1 Phpgurukul 1 Car Rental Portal 2024-11-05 3.5 Low
A vulnerability was found in PHPGurukul Car Rental Portal 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /search.php. The manipulation of the argument searchdata leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
CVE-2024-51076 1 Phpgurukul 1 Online Dj Booking Management System 2024-11-04 6.1 Medium
A Reflected Cross Site Scripting (XSS) vulnerability was found in /odms/admin/booking-search.php in PHPGurukul Online DJ Booking Management System 1.0, which allows remote attackers to execute arbitrary code via the "searchdata" parameter.
CVE-2024-51075 1 Phpgurukul 1 Online Dj Booking Management System 2024-11-04 6.1 Medium
A Reflected Cross Site Scripting (XSS) vulnerability was found in /odms/admin/user-search.php in PHPGurukul Online DJ Booking Management System v1.0, which allows remote attackers to execute arbitrary code via the searchdata parameter.
CVE-2024-51181 1 Phpgurukul 1 Ifsc Code Finder 2024-11-04 8.8 High
A Reflected Cross Site Scripting (XSS) vulnerability was found in /ifscfinder/admin/profile.php in PHPGurukul IFSC Code Finder Project v1.0, which allows remote attackers to execute arbitrary code via " searchifsccode" parameter.
CVE-2024-51180 1 Phpgurukul 1 Ifsc Code Finder 2024-11-04 8.8 High
A Reflected Cross Site Scripting (XSS) vulnerability was found in /ifscfinder/index.php in PHPGurukul IFSC Code Finder Project v1.0, which allows remote attackers to execute arbitrary code via the "searchifsccode" parameter.
CVE-2024-51066 1 Phpgurukul 1 Beauty Parlour Management System 2024-11-02 7.5 High
An Insecure Direct Object Reference (IDOR) vulnerability in appointment-detail.php in Phpgurukul's Beauty Parlour Management System v1.1 allows unauthorized access to the Personally Identifiable Information (PII) of other customers.
CVE-2024-51063 1 Phpgurukul 1 Teachers Record Management System 2024-11-01 9.1 Critical
Phpgurukul Teachers Record Management System v2.1 is vulnerable to SQL Injection in add-teacher.php via the mobile number or email parameter.
CVE-2024-51065 1 Phpgurukul 1 Beauty Parlour Management System 2024-11-01 9.8 Critical
Phpgurukul Beauty Parlour Management System v1.1 is vulnerable to SQL Injection in admin/index.php via the the username parameter.
CVE-2024-51064 1 Phpgurukul 1 Teachers Record Management System 2024-11-01 9.8 Critical
Phpgurukul Teachers Record Management System v2.1 is vulnerable to SQL Injection via the tid parameter to admin/queries.php.
CVE-2024-48807 1 Phpgurukul 1 Doctor Appointment Management System 2024-11-01 5.4 Medium
Cross Site Scripting vulnerability in PHPGurukul Doctor Appointment Management System v.1.0 allows a local attacker to execute arbitrary code via the search parameter.
CVE-2024-46531 1 Phpgurukul 1 Vehicle Record Management System 2024-11-01 6.3 Medium
phpgurukul Vehicle Record Management System v1.0 was discovered to contain a SQL injection vulnerability via the searchinputdata parameter at /index.php.
CVE-2024-10331 1 Phpgurukul 1 Vehicle Record System 2024-11-01 6.3 Medium
A vulnerability, which was classified as critical, has been found in PHPGurukul Vehicle Record System 1.0. This issue affects some unknown processing of the file /admin/search-vehicle.php. The manipulation of the argument searchinputdata leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
CVE-2024-10296 2 Anujkumar, Phpgurukul 2 Medical Card Generation System, Medical Card Generation System 2024-10-30 4.7 Medium
A vulnerability was found in PHPGurukul Medical Card Generation System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/card-bwdates-reports-details.php of the component Report of Medical Card Page. The manipulation of the argument fromdate/todate leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
CVE-2024-10414 1 Phpgurukul 1 Vehicle Record System 2024-10-29 2.4 Low
A vulnerability, which was classified as problematic, was found in PHPGurukul Vehicle Record System 1.0. This affects an unknown part of the file /admin/edit-brand.php. The manipulation of the argument Brand Name leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The initial researcher advisory mentions the parameter "phone_number" to be affected. But this might be a mistake because the textbox field label is "Brand Name".
CVE-2024-48570 2 Client Management System, Phpgurukul 2 Client Management System, Client Management System 2024-10-25 7.5 High
Client Management System 1.0 was discovered to contain a SQL injection vulnerability via the Between Dates Reports parameter at /admin/bwdates-reports-ds.php.
CVE-2024-10298 1 Phpgurukul 1 Medical Card Generation System 2024-10-25 4.7 Medium
A vulnerability classified as critical has been found in PHPGurukul Medical Card Generation System 1.0. This affects an unknown part of the file /admin/edit-card-detail.php of the component Managecard Edit Card Detail Page. The manipulation of the argument editid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
CVE-2024-10299 1 Phpgurukul 1 Medical Card Generation System 2024-10-25 4.7 Medium
A vulnerability classified as critical was found in PHPGurukul Medical Card Generation System 1.0. This vulnerability affects unknown code of the file /admin/view-card-detail.php of the component Managecard View Detail Page. The manipulation of the argument viewid leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
CVE-2024-10300 1 Phpgurukul 1 Medical Card Generation System 2024-10-25 4.7 Medium
A vulnerability, which was classified as critical, has been found in PHPGurukul Medical Card Generation System 1.0. This issue affects some unknown processing of the file /admin/view-enquiry.php of the component View Enquiry Page. The manipulation of the argument viewid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
CVE-2024-10301 1 Phpgurukul 1 Medical Card Generation System 2024-10-25 4.7 Medium
A vulnerability, which was classified as critical, was found in PHPGurukul Medical Card Generation System 1.0. Affected is an unknown function of the file /admin/search-medicalcard.php of the component Search. The manipulation of the argument searchdata leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
CVE-2024-46239 1 Phpgurukul 1 Hospital Management System 2024-10-23 5.9 Medium
Multiple cross-site scripting vulnerabilities exist in PHPGurukul Hospital Management System 4.0 via the docname parameter in /doctor/edit-profile.php and adminremark parameter in /admin/query-details.php.