Filtered by vendor Phpgurukul
Subscribe
Total
1062 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-55103 | 1 Phpgurukul | 1 Online Nurse Hiring System | 2026-06-17 | N/A | 7.2 HIGH |
| Online Nurse Hiring System v1.0 was discovered to contain a SQL injection vulnerability in the component /admin/profile.php via the fullname parameter. | |||||
| CVE-2024-55100 | 1 Phpgurukul | 1 Online Nurse Hiring System | 2026-06-17 | N/A | 4.8 MEDIUM |
| A stored cross-site scripting (XSS) vulnerability in the component /admin/profile.php of Online Nurse Hiring System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the fullname parameter. | |||||
| CVE-2024-55099 | 1 Phpgurukul | 1 Online Nurse Hiring System | 2026-06-17 | N/A | 9.8 CRITICAL |
| A SQL Injection vulnerability was found in /admin/index.php in phpgurukul Online Nurse Hiring System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database access via the username parameter. | |||||
| CVE-2024-55059 | 1 Phpgurukul | 1 Online Birth Certificate System | 2026-06-17 | N/A | 6.1 MEDIUM |
| A stored HTML Injection vulnerability was identified in PHPGurukul Online Birth Certificate System v1.0 in /user/certificate-form.php. | |||||
| CVE-2024-55058 | 1 Phpgurukul | 1 Online Birth Certificate System | 2026-06-17 | N/A | 4.3 MEDIUM |
| An insecure direct object reference (IDOR) vulnerability was discovered in PHPGurukul Online Birth Certificate System v1.0. This vulnerability resides in the viewid parameter of /user/view-application-detail.php. Authenticated users can exploit this flaw by manipulating the viewid parameter in the URL to access sensitive birth certificate details of other users without proper authorization checks. | |||||
| CVE-2024-55057 | 1 Phpgurukul | 1 Online Birth Certificate System | 2026-06-17 | N/A | 5.4 MEDIUM |
| Phpgurukul Online Birth Certificate System 1.0 suffers from insufficient password requirements which can lead to unauthorized access to user accounts. | |||||
| CVE-2024-55056 | 1 Phpgurukul | 1 Online Birth Certificate System | 2026-06-17 | N/A | 5.4 MEDIUM |
| A stored cross-site scripting (XSS) vulnerability was identified in Phpgurukul Online Birth Certificate System 1.0 in /user/certificate-form.php via the full name field. | |||||
| CVE-2024-55016 | 1 Phpgurukul | 1 Student Record System | 2026-06-17 | N/A | 6.5 MEDIUM |
| PHPGurukul Student Record Management System 3.20 is vulnerable to SQL Injection via the id and password parameters in login.php. | |||||
| CVE-2024-54842 | 1 Phpgurukul | 1 Online Nurse Hiring System | 2026-06-17 | N/A | 9.8 CRITICAL |
| A SQL injection vulnerability was found in phpgurukul Online Nurse Hiring System v1.0 in /admin/password-recovery.php via the mobileno parameter. | |||||
| CVE-2024-54811 | 1 Phpgurukul | 1 Park Ticketing Management System | 2026-06-17 | N/A | 9.8 CRITICAL |
| A SQL injection vulnerability in /index.php in PHPGurukul Park Ticketing Management System v1.0 allows an attacker to execute arbitrary SQL commands via the "login" parameter. | |||||
| CVE-2024-54810 | 1 Phpgurukul | 1 Pre-school Enrollment System | 2026-06-17 | N/A | 9.8 CRITICAL |
| A SQL Injection vulnerability was found in /preschool/admin/password-recovery.php in PHPGurukul Pre-School Enrollment System Project v1.0, which allows remote attackers to execute arbitrary code via the mobileno parameter. | |||||
| CVE-2024-54790 | 1 Phpgurukul | 1 Pre-school Enrollment System | 2026-06-17 | N/A | 7.5 HIGH |
| A SQL Injection vulnerability was found in /index.php in PHPGurukul Pre-School Enrollment System v1.0, which allows remote attackers to execute arbitrary code via the visittime parameter. | |||||
| CVE-2024-53635 | 1 Phpgurukul | 1 Covid19 Testing Management System | 2026-06-17 | N/A | 4.8 MEDIUM |
| A Reflected Cross Site Scripting (XSS) vulnerability was found in /covid-tms/patient-search-report.php in PHPGurukul COVID 19 Testing Management System v1.0, which allows remote attackers to execute arbitrary code via the searchdata POST request parameter. | |||||
| CVE-2024-53604 | 1 Phpgurukul | 1 Covid19 Testing Management System | 2026-06-17 | N/A | 9.8 CRITICAL |
| A SQL Injection vulnerability was found in /covid-tms/check_availability.php in PHPGurukul COVID 19 Testing Management System v1.0, which allows remote attackers to execute arbitrary code via the mobnumber POST request parameter. | |||||
| CVE-2024-53603 | 1 Phpgurukul | 1 Covid19 Testing Management System | 2026-06-17 | N/A | 7.3 HIGH |
| A SQL Injection vulnerability was found in /covid-tms/password-recovery.php in PHPGurukul COVID 19 Testing Management System v1.0, which allows remote attackers to execute arbitrary code via the contactno POST request parameter. | |||||
| CVE-2024-53481 | 1 Phpgurukul | 1 Beauty Parlour Management System | 2026-06-17 | N/A | 6.1 MEDIUM |
| A Cross Site Scripting (XSS) vulnerability in the profile.php of PHPGurukul Beauty Parlour Management System v1.1 allows remote attackers to execute arbitrary code by injecting arbitrary HTML into the "Firstname" and "Last name" parameters. | |||||
| CVE-2024-53480 | 1 Phpgurukul | 1 Beauty Parlour Management System | 2026-06-17 | N/A | 9.8 CRITICAL |
| Phpgurukul's Beauty Parlour Management System v1.1 is vulnerable to SQL Injection in `login.php` via the `emailcont` parameter. | |||||
| CVE-2024-53365 | 1 Phpgurukul | 1 Vehicle Parking Management System | 2026-06-17 | N/A | 5.4 MEDIUM |
| A stored cross-site scripting (XSS) vulnerability was identified in PHPGURUKUL Vehicle Parking Management System v1.13 in /users/profile.php. This vulnerability allows authenticated users to inject malicious XSS scripts into the profile name field. | |||||
| CVE-2024-53364 | 1 Phpgurukul | 1 Vehicle Parking Management System | 2026-06-17 | N/A | 5.4 MEDIUM |
| A SQL injection vulnerability was found in PHPGURUKUL Vehicle Parking Management System v1.13 in /users/view-detail.php. This vulnerability affects the viewid parameter, where improper input sanitization allows attackers to inject malicious SQL queries. | |||||
| CVE-2024-51360 | 1 Phpgurukul | 1 Hospital Management System | 2026-06-17 | N/A | 9.8 CRITICAL |
| An issue in Hospital Management System In PHP V4.0 allows a remote attacker to execute arbitrary code via the hms/doctor/edit-profile.php file | |||||
