Filtered by vendor Phpgurukul
Subscribe
Total
1062 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-51226 | 1 Phpgurukul | 1 Vehicle Record Management System | 2026-06-17 | N/A | 6.1 MEDIUM |
| A stored cross-site scripting (XSS) vulnerability in the component /admin/search-vehicle.php of Phpgurukul Vehicle Record Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Search parameter. | |||||
| CVE-2024-51225 | 1 Phpgurukul | 1 Vehicle Record Management System | 2026-06-17 | N/A | 4.8 MEDIUM |
| A stored cross-site scripting (XSS) vulnerability in the component /admin/add-brand.php of Phpgurukul Vehicle Record Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the brandname parameter. | |||||
| CVE-2024-51224 | 1 Phpgurukul | 1 Vehicle Record Management System | 2026-06-17 | N/A | 4.8 MEDIUM |
| Multiple cross-site scripting (XSS) vulnerabilities in the component /admin/edit-vehicle.php of Phpgurukul Vehicle Record Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the vehiclename, modelnumber, regnumber, vehiclesubtype, chasisnum and enginenumber parameters. | |||||
| CVE-2024-51223 | 1 Phpgurukul | 1 Vehicle Record Management System | 2026-06-17 | N/A | 4.8 MEDIUM |
| A stored cross-site scripting (XSS) vulnerability in the component /admin/profile.php of Phpgurukul Vehicle Record Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Mobile Number parameter. | |||||
| CVE-2024-51222 | 1 Phpgurukul | 1 Vehicle Record Management System | 2026-06-17 | N/A | 4.8 MEDIUM |
| A stored cross-site scripting (XSS) vulnerability in the component /admin/profile.php of Phpgurukul Vehicle Record Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name parameter. | |||||
| CVE-2024-51209 | 1 Phpgurukul | 1 Client Management System | 2026-06-17 | N/A | 5.4 MEDIUM |
| Cross-Site Scripting (XSS) vulnerabilities in Anuj Kumar's Client Management System Version 1.2 allow local attackers to inject arbitrary web script or HTML via the search input field parameter to admin search invoice page and client search invoice page. | |||||
| CVE-2024-51208 | 1 Phpgurukul | 1 Boat Booking System | 2026-06-17 | N/A | 7.2 HIGH |
| File Upload vulnerability in change-image.php in Anuj Kumar's Boat Booking System version 1.0 allows local attackers to upload a malicious PHP script via the Image Upload Mechanism parameter. | |||||
| CVE-2024-51181 | 1 Phpgurukul | 1 Ifsc Code Finder | 2026-06-17 | N/A | 6.1 MEDIUM |
| A Reflected Cross Site Scripting (XSS) vulnerability was found in /ifscfinder/admin/profile.php in PHPGurukul IFSC Code Finder Project v1.0, which allows remote attackers to execute arbitrary code via " searchifsccode" parameter. | |||||
| CVE-2024-51180 | 1 Phpgurukul | 1 Ifsc Code Finder | 2026-06-17 | N/A | 6.1 MEDIUM |
| A Reflected Cross Site Scripting (XSS) vulnerability was found in /ifscfinder/index.php in PHPGurukul IFSC Code Finder Project v1.0, which allows remote attackers to execute arbitrary code via the "searchifsccode" parameter. | |||||
| CVE-2024-51103 | 1 Phpgurukul | 1 Student Management System | 2026-06-17 | N/A | 6.5 MEDIUM |
| PHPGURUKUL Student Management System using PHP and MySQL v1 was discovered to contain multiple SQL injection vulnerabilities at /studentrecordms/password-recovery.php via the emailid and id parameters. | |||||
| CVE-2024-51102 | 1 Phpgurukul | 1 Student Management System | 2026-06-17 | N/A | 4.4 MEDIUM |
| PHPGURUKUL Student Management System using PHP and MySQL v1 was discovered to contain multiple SQL injection vulnerabilities at /studentrecordms/login.php via the username and password parameters. | |||||
| CVE-2024-51101 | 1 Phpgurukul | 1 Restaurant Table Booking System | 2026-06-17 | N/A | 9.8 CRITICAL |
| PHPGURUKUL Restaurant Table Booking System using PHP and MySQL v1.0 was discovered to contain a SQL injection vulnerability via the searchdata parameter at /rtbs/check-status.php. | |||||
| CVE-2024-51099 | 1 Phpgurukul | 1 Medical Card Generation System | 2026-06-17 | N/A | 6.1 MEDIUM |
| A reflected cross-site scripting (XSS) vulnerability in the component mcgs/download-medical-cards.php of PHPGURUKUL Medical Card Generation System using PHP and MySQL v1.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload into the searchdata parameter. | |||||
| CVE-2024-51076 | 1 Phpgurukul | 1 Online Dj Booking Management System | 2026-06-17 | N/A | 6.1 MEDIUM |
| A Reflected Cross Site Scripting (XSS) vulnerability was found in /odms/admin/booking-search.php in PHPGurukul Online DJ Booking Management System 1.0, which allows remote attackers to execute arbitrary code via the "searchdata" parameter. | |||||
| CVE-2024-51075 | 1 Phpgurukul | 1 Online Dj Booking Management System | 2026-06-17 | N/A | 6.1 MEDIUM |
| A Reflected Cross Site Scripting (XSS) vulnerability was found in /odms/admin/user-search.php in PHPGurukul Online DJ Booking Management System v1.0, which allows remote attackers to execute arbitrary code via the searchdata parameter. | |||||
| CVE-2024-51066 | 1 Phpgurukul | 1 Beauty Parlour Management System | 2026-06-17 | N/A | 7.5 HIGH |
| An Insecure Direct Object Reference (IDOR) vulnerability in appointment-detail.php in Phpgurukul's Beauty Parlour Management System v1.1 allows unauthorized access to the Personally Identifiable Information (PII) of other customers. | |||||
| CVE-2024-51065 | 1 Phpgurukul | 1 Beauty Parlour Management System | 2026-06-17 | N/A | 9.8 CRITICAL |
| Phpgurukul Beauty Parlour Management System v1.1 is vulnerable to SQL Injection in admin/index.php via the the username parameter. | |||||
| CVE-2024-51064 | 1 Phpgurukul | 1 Teachers Record Management System | 2026-06-17 | N/A | 9.8 CRITICAL |
| Phpgurukul Teachers Record Management System v2.1 is vulnerable to SQL Injection via the tid parameter to admin/queries.php. | |||||
| CVE-2024-51063 | 1 Phpgurukul | 1 Teachers Record Management System | 2026-06-17 | N/A | 9.1 CRITICAL |
| Phpgurukul Teachers Record Management System v2.1 is vulnerable to SQL Injection in add-teacher.php via the mobile number or email parameter. | |||||
| CVE-2024-51054 | 1 Phpgurukul | 1 Online Marriage Registration System | 2026-06-17 | N/A | 4.8 MEDIUM |
| A Cross Site Scriptng (XSS) vulnerability was found in /omrs/admin/search.php in PHPGurukul Online Marriage Registration System 1.0, which allows remote attackers to execute arbitrary code via the "searchdata" POST request parameter. | |||||
