PHPGurukul Security Vulnerabilities

CVE-2022-40925

Zoo Management System v1.0 has an arbitrary file upload vulnerability in the picture upload point of the "save_event" file of the "Events" module in the background management system.

7.2 CVSS

7 AI Score

0.001 EPSS

2022-09-26 01:15 PM

CVE-2022-40932

In Zoo Management System v1.0, there is an arbitrary file upload vulnerability in the picture upload point of the "gallery" file of the "Gallery" module in the background management system.

7.2 CVSS

7 AI Score

0.001 EPSS

2022-09-22 04:15 PM

CVE-2022-40943

Dairy Farm Shop Management System 1.0 is vulnerable to SQL Injection via bwdate-report-ds.php file.

9.8 CVSS

9.7 AI Score

0.002 EPSS

2022-09-30 07:15 PM

CVE-2022-40944

Dairy Farm Shop Management System 1.0 is vulnerable to SQL Injection via sales-report-ds.php file.

9.8 CVSS

9.7 AI Score

0.002 EPSS

2022-09-30 06:15 PM

CVE-2022-42205

PHPGurukul Hospital Management System In PHP V 4.0 is vulnerable to Cross Site Scripting (XSS) via add-patient.php.

5.4 CVSS

5.3 AI Score

0.001 EPSS

2022-10-21 01:15 PM

CVE-2022-42206

PHPGurukul Hospital Management System In PHP V 4.0 is vulnerable to Cross Site Scripting (XSS) via doctor/view-patient.php, admin/view-patient.php, and view-medhistory.php.

5.4 CVSS

5.3 AI Score

0.001 EPSS

2022-10-21 01:15 PM

CVE-2022-43369

AutoTaxi Stand Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component search.php.

6.1 CVSS

6 AI Score

0.001 EPSS

2022-12-06 07:15 PM

CVE-2022-45728

Doctor Appointment Management System v1.0.0 was discovered to contain a cross-site scripting (XSS) vulnerability.

6.1 CVSS

6 AI Score

0.001 EPSS

2023-01-12 10:15 PM

CVE-2022-45729

A cross-site scripting (XSS) vulnerability in Doctor Appointment Management System v1.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Employee ID parameter.

6.1 CVSS

5.8 AI Score

0.001 EPSS

2023-01-12 10:15 PM

CVE-2022-45730

A cross-site scripting (XSS) vulnerability in Doctor Appointment Management System v1.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Search function.

6.1 CVSS

5.8 AI Score

0.001 EPSS

2023-01-26 09:17 PM

CVE-2022-46128

phpgurukul Doctor Appointment Management System V 1.0.0 is vulnerable to Cross Site Scripting (XSS) via searchdata=.

6.1 CVSS

6 AI Score

0.001 EPSS

2023-01-26 09:18 PM

CVE-2022-47102

A cross-site scripting (XSS) vulnerability in Student Study Center Management System V 1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the name parameter.

5.4 CVSS

5.2 AI Score

0.001 EPSS

2023-01-12 10:15 PM

CVE-2023-0527

A vulnerability was found in PHPGurukul Online Security Guards Hiring System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file search-request.php. The manipulation of the argument searchdata with the input "><script>alert(document.domain)&l...

6.1 CVSS

5.8 AI Score

0.005 EPSS

2023-01-27 11:15 AM

CVE-2023-0562

A vulnerability was found in PHPGurukul Bank Locker Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file index.php of the component Login. The manipulation of the argument username leads to sql injection. The attack may be launched r...

9.8 CVSS

9.6 AI Score

0.3 EPSS

2023-01-28 11:15 PM

CVE-2023-0563

A vulnerability classified as problematic has been found in PHPGurukul Bank Locker Management System 1.0. This affects an unknown part of the file add-locker-form.php of the component Assign Locker. The manipulation of the argument ahname leads to cross site scripting. It is possible to initiate th...

4.8 CVSS

4.8 AI Score

0.007 EPSS

2023-01-28 11:15 PM

CVE-2023-0641

A vulnerability was found in PHPGurukul Employee Leaves Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file changepassword.php. The manipulation of the argument newpassword/confirmpassword leads to weak password requirem...

9.1 CVSS

9.2 AI Score

0.001 EPSS

2023-02-02 09:15 AM

CVE-2023-1909

A vulnerability, which was classified as critical, was found in PHPGurukul BP Monitoring Management System 1.0. Affected is an unknown function of the file profile.php of the component User Profile Update Handler. The manipulation of the argument name/mobno leads to sql injection. It is possible to...

6.5 CVSS

6.9 AI Score

0.001 EPSS

2023-04-07 05:15 PM

CVE-2023-1948

A vulnerability, which was classified as problematic, has been found in PHPGurukul BP Monitoring Management System 1.0. This issue affects some unknown processing of the file add-family-member.php of the component Add New Family Member Handler. The manipulation of the argument Member Name leads to ...

6.1 CVSS

6 AI Score

0.001 EPSS

2023-04-08 08:15 AM

CVE-2023-1949

A vulnerability, which was classified as critical, was found in PHPGurukul BP Monitoring Management System 1.0. Affected is an unknown function of the file change-password.php of the component Change Password Handler. The manipulation of the argument password leads to sql injection. It is possible ...

9.8 CVSS

9.8 AI Score

0.002 EPSS

2023-04-08 08:15 AM

CVE-2023-1950

A vulnerability has been found in PHPGurukul BP Monitoring Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file password-recovery.php of the component Password Recovery. The manipulation of the argument emailid/contactno leads to s...

9.8 CVSS

9.7 AI Score

0.002 EPSS

2023-04-08 08:15 AM

CVE-2023-1963

A vulnerability was found in PHPGurukul Bank Locker Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file index.php of the component Search. The manipulation of the argument searchinput leads to sql injection. The attack may be initiated remote...

9.8 CVSS

9.7 AI Score

0.002 EPSS

2023-04-09 08:15 AM

CVE-2023-1964

A vulnerability classified as critical has been found in PHPGurukul Bank Locker Management System 1.0. Affected is an unknown function of the file recovery.php of the component Password Reset. The manipulation of the argument uname/mobile leads to sql injection. It is possible to launch the attack ...

9.1 CVSS

9.4 AI Score

0.002 EPSS

2023-04-09 09:15 AM

CVE-2023-23155

Art Gallery Management System Project in PHP 1.0 was discovered to contain a SQL injection vulnerability via the username parameter in the Admin Login.

9.8 CVSS

9.8 AI Score

0.002 EPSS

2023-02-27 04:15 PM

CVE-2023-23156

Art Gallery Management System Project in PHP 1.0 was discovered to contain a SQL injection vulnerability via the pid parameter in the single-product page.

9.8 CVSS

9.8 AI Score

0.003 EPSS

2023-02-27 04:15 PM

CVE-2023-23157

A stored cross-site scripting (XSS) vulnerability in Art Gallery Management System Project v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the fullname parameter on the enquiry page.

5.4 CVSS

5.2 AI Score

0.001 EPSS

2023-02-27 04:15 PM

CVE-2023-23158

A stored cross-site scripting (XSS) vulnerability in Art Gallery Management System Project v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the message parameter on the enquiry page.

5.4 CVSS

5.2 AI Score

0.001 EPSS

2023-02-27 04:15 PM

CVE-2023-23161

A reflected cross-site scripting (XSS) vulnerability in Art Gallery Management System Project v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the artname parameter under ART TYPE option in the navigation bar.

6.1 CVSS

5.8 AI Score

0.004 EPSS

2023-02-10 08:15 PM

CVE-2023-23162

Art Gallery Management System Project v1.0 was discovered to contain a SQL injection vulnerability via the cid parameter at product.php.

9.8 CVSS

9.8 AI Score

0.005 EPSS

2023-02-10 08:15 PM

CVE-2023-23163

Art Gallery Management System Project v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter.

9.8 CVSS

9.8 AI Score

0.005 EPSS

2023-02-10 08:15 PM

CVE-2023-24726

Art Gallery Management System v1.0 was discovered to contain a SQL injection vulnerability via the viewid parameter on the enquiry page.

9.8 CVSS

9.7 AI Score

0.001 EPSS

2023-03-15 02:15 PM

CVE-2023-26958

Phpgurukul Park Ticketing Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via the Admin Name parameter.

4.8 CVSS

4.9 AI Score

0.001 EPSS

2023-03-27 02:15 PM

CVE-2023-26959

Phpgurukul Park Ticketing Management System 1.0 is vulnerable to SQL Injection via the User Name parameter.

9.8 CVSS

9.7 AI Score

0.001 EPSS

2023-03-27 02:15 PM

CVE-2023-27074

BP Monitoring Management System v1.0 was discovered to contain a SQL injection vulnerability via the emailid parameter in the login page.

9.8 CVSS

9.7 AI Score

0.002 EPSS

2023-03-14 03:15 PM

CVE-2023-31498

A privilege escalation issue found in PHP Gurukul Hospital Management System In v.4.0 allows a remote attacker to execute arbitrary code and access sensitive information via the session token parameter.

9.8 CVSS

9.6 AI Score

0.018 EPSS

2023-05-11 11:15 AM

CVE-2023-3187

A vulnerability, which was classified as critical, has been found in PHPGurukul Teachers Record Management System 1.0. Affected by this issue is some unknown functionality of the file /changeimage.php of the component Profile Picture Handler. The manipulation of the argument newpic leads to unrestr...

6.3 CVSS

5.5 AI Score

0.002 EPSS

2023-06-09 09:15 PM

CVE-2023-31932

SQL injection vulnerability found in Rail Pass Management System v.1.0 allows a remote attacker to execute arbitrary code via the viewid parameter of the view-enquiry.php file.

7.2 CVSS

7.2 AI Score

0.001 EPSS

2023-07-28 02:15 PM

CVE-2023-31933

SQL injection vulnerability found in Rail Pass Management System v.1.0 allows a remote attacker to execute arbitrary code via the editid parameter of the edit-pass-detail.php file.

7.2 CVSS

7.2 AI Score

0.001 EPSS

2023-07-28 02:15 PM

CVE-2023-31934

Cross Site Scripting vulnerability found in Rail Pass Management System v.1.0 allows a remote attacker to obtain sensitive information via the adminname parameter of admin-profile.php.

4.8 CVSS

4.8 AI Score

0.001 EPSS

2023-07-28 02:15 PM

CVE-2023-31935

Cross Site Scripting vulnerability found in Rail Pass Management System v.1.0 allows a remote attacker to obtain sensitive information via the emial parameter of admin-profile.php.

4.8 CVSS

4.8 AI Score

0.001 EPSS

2023-07-28 02:15 PM

CVE-2023-31936

SQL injection vulnerability found in Rail Pass Management System v.1.0 allows a remote attacker to execute arbitrary code via the viewid parameter of the view-pass-detail.php file.

7.2 CVSS

7.2 AI Score

0.001 EPSS

2023-07-28 02:15 PM

CVE-2023-31937

SQL injection vulnerability found in Rail Pass Management System v.1.0 allows a remote attacker to execute arbitrary code via the editid parameter of the edit-cateogry-detail.php file.

7.2 CVSS

7.2 AI Score

0.001 EPSS

2023-07-28 02:15 PM

CVE-2023-3275

A vulnerability classified as critical was found in PHPGurukul Rail Pass Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /view-pass-detail.php of the component POST Request Handler. The manipulation of the argument searchdata leads to sql injection. The...

9.8 CVSS

9.7 AI Score

0.003 EPSS

2023-06-15 01:15 PM

CVE-2023-33338

Old Age Home Management 1.0 is vulnerable to SQL Injection via the username parameter.

9.8 CVSS

9.8 AI Score

0.011 EPSS

2023-05-23 01:15 PM

CVE-2023-33580

Phpgurukul Student Study Center Management System V1.0 is vulnerable to Cross Site Scripting (XSS) in the "Admin Name" field on Admin Profile page.

4.8 CVSS

4.8 AI Score

0.002 EPSS

2023-06-26 04:15 PM

CVE-2023-34647

PHPGurukul Hostel Management System v.1.0 is vulnerable to Cross Site Scripting (XSS).

6.1 CVSS

6.1 AI Score

0.0005 EPSS

2023-06-28 10:15 PM

CVE-2023-34652

PHPGurukul Hostel Management System v.1.0 is vulnerable to Cross Site Scripting (XSS) via Add New Course.

6.1 CVSS

6 AI Score

0.001 EPSS

2023-06-28 09:15 PM

CVE-2023-34666

Cross-site scripting (XSS) vulnerability in Phpgurukul Cyber Cafe Management System 1.0 allows remote attackers to inject arbitrary web script or HTML via the admin username parameter.

6.1 CVSS

6 AI Score

0.001 EPSS

2023-06-15 05:15 PM

CVE-2023-3605

A vulnerability was found in PHPGurukul Online Shopping Portal 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Registration Page. The manipulation leads to improper restriction of excessive authentication attempts. The attack can be...

9.1 CVSS

9.3 AI Score

0.001 EPSS

2023-07-10 08:15 PM

CVE-2023-36375

Cross Site Scripting vulnerability in Hostel Management System v2.1 allows an attacker to execute arbitrary code via a crafted payload to the Guardian name, Guardian relation, complimentary address, city, permanent address, and city parameters in the Book Hostel & Room Details page.

5.4 CVSS

5.7 AI Score

0.001 EPSS

2023-07-10 05:15 PM

CVE-2023-36376

Cross-Site Scripting (XSS) vulnerability in Hostel Management System v.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the add course section.

4.8 CVSS

4.9 AI Score

0.001 EPSS

2023-07-10 04:15 PM
Total number of security vulnerabilities: 259