Filtered by vendor Phpgurukul
Subscribe
Total
1062 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-50491 | 1 Phpgurukul | 1 Bank Locker Management System | 2026-06-17 | N/A | 7.1 HIGH |
| Improper session invalidation in the component /banker/change-password.php of PHPGurukul Bank Locker Management System v1 allows attackers to execute a session hijacking attack. | |||||
| CVE-2025-50490 | 1 Phpgurukul | 1 Student Result Management System | 2026-06-17 | N/A | 7.5 HIGH |
| Improper session invalidation in the component /elms/emp-changepassword.php of PHPGurukul Student Result Management System v2.0 allows attackers to execute a session hijacking attack. | |||||
| CVE-2025-50489 | 1 Phpgurukul | 1 Student Result Management System | 2026-06-17 | N/A | 7.5 HIGH |
| Improper session invalidation in the component /srms/change-password.php of PHPGurukul Student Result Management System v2.0 allows attackers to execute a session hijacking attack. | |||||
| CVE-2025-50488 | 1 Phpgurukul | 1 Online Library Management System | 2026-06-17 | N/A | 7.1 HIGH |
| Improper session invalidation in the component /library/change-password.php of PHPGurukul Online Library Management System v3.0 allows attackers to execute a session hijacking attack. | |||||
| CVE-2025-50487 | 1 Phpgurukul | 1 Blood Bank \& Donor Management System | 2026-06-17 | N/A | 7.1 HIGH |
| Improper session invalidation in the component /bbdms/change-password.php of PHPGurukul Blood Bank & Donor Management System v2.4 allows attackers to execute a session hijacking attack. | |||||
| CVE-2025-50486 | 1 Phpgurukul | 1 E-diary Management System | 2026-06-17 | N/A | 7.1 HIGH |
| Improper session invalidation in the component /carrental/update-password.php of PHPGurukul Car Rental Project v3.0 allows attackers to execute a session hijacking attack. | |||||
| CVE-2025-50485 | 1 Phpgurukul | 1 Online Course Registration | 2026-06-17 | N/A | 7.1 HIGH |
| Improper session invalidation in the component /crm/change-password.php of PHPGurukul Online Course Registration v3.1 allows attackers to execute a session hijacking attack. | |||||
| CVE-2025-50484 | 1 Phpgurukul | 1 Small Crm | 2026-06-17 | N/A | 7.1 HIGH |
| Improper session invalidation in the component /crm/change-password.php of PHPGurukul Small CRM v3.0 allows attackers to execute a session hijacking attack. | |||||
| CVE-2025-50363 | 1 Phpgurukul | 1 Maid Hiring Management System | 2026-06-17 | N/A | 5.4 MEDIUM |
| Phpgurukul Maid Hiring Management System 1.0 is vulnerable to Cross Site Scripting (XSS) in /maid-hiring.php va the name field. | |||||
| CVE-2025-50350 | 1 Phpgurukul | 1 Pre-school Enrollment System | 2026-06-17 | N/A | 5.4 MEDIUM |
| PHPGurukul Pre-School Enrollment System Project v1.0 is vulnerable to Directory Traversal in manage-classes.php. | |||||
| CVE-2025-50349 | 1 Phpgurukul | 1 Pre-school Enrollment System | 2026-06-17 | N/A | 7.5 HIGH |
| PHPGurukul Pre-School Enrollment System Project V1.0 is vulnerable to Directory Traversal in update-teacher-pic.php. | |||||
| CVE-2025-50348 | 1 Phpgurukul | 1 Pre-school Enrollment System | 2026-06-17 | N/A | 7.5 HIGH |
| PHPGurukul Pre-School Enrollment System Project V1.0 is vulnerable to Directory Traversal in update-class-pic.php. | |||||
| CVE-2025-4941 | 1 Phpgurukul | 1 Credit Card Application Management System | 2026-06-17 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability, which was classified as critical, was found in PHPGurukul Credit Card Application Management System 1.0. Affected is an unknown function of the file /admin/index.php. The manipulation of the argument Username leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-4939 | 1 Phpgurukul | 1 Credit Card Application Management System | 2026-06-17 | 5.0 MEDIUM | 4.3 MEDIUM |
| A vulnerability classified as problematic was found in PHPGurukul Credit Card Application Management System 1.0. This vulnerability affects unknown code of the file /admin/new-ccapplication.php. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-4938 | 1 Phpgurukul | 1 Employee Record Management System | 2026-06-17 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability was found in PHPGurukul Employee Record Management System 1.3. It has been rated as critical. Affected by this issue is some unknown functionality of the file /registererms.php. The manipulation of the argument Email leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-4934 | 1 Phpgurukul | 1 User Registration \& Login And User Management System | 2026-06-17 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability has been found in PHPGurukul User Registration & Login and User Management System 3.3 and classified as critical. This vulnerability affects unknown code of the file /edit-profile.php. The manipulation of the argument Contact leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-4927 | 1 Phpgurukul | 1 Online Marriage Registration System | 2026-06-17 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability was found in PHPGurukul Online Marriage Registration System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/between-dates-application-report.php. The manipulation of the argument fromdate/todate leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-4926 | 1 Phpgurukul | 1 Car Rental Portal | 2026-06-17 | 5.8 MEDIUM | 4.7 MEDIUM |
| A vulnerability was found in PHPGurukul Car Rental Project 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/post-avehical.php. The manipulation of the argument img1/img2/img3/img4/img5 leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-4925 | 1 Phpgurukul | 1 Daily Expense Tracker System | 2026-06-17 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability has been found in PHPGurukul Daily Expense Tracker System 1.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /expense-monthwise-reports-detailed.php. The manipulation of the argument fromdate/todate leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-4917 | 1 Phpgurukul | 1 Auto\/taxi Stand Management System | 2026-06-17 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability classified as critical has been found in PHPGurukul Auto Taxi Stand Management System 1.0. Affected is an unknown function of the file /admin/new-autoortaxi-entry-form.php. The manipulation of the argument drivername leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. | |||||