Filtered by vendor Phpgurukul
Subscribe
Total
1062 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-50991 | 1 Phpgurukul | 1 User Management System | 2026-06-17 | N/A | 4.8 MEDIUM |
| A Cross Site Scripting (XSS) vulnerability was found in /ums-sp/admin/registered-users.php in PHPGurukul User Management System v1.0, which allows remote attackers to execute arbitrary code via the "fname" POST request parameter | |||||
| CVE-2024-50990 | 1 Phpgurukul | 1 Online Marriage Registration System | 2026-06-17 | N/A | 6.1 MEDIUM |
| A Reflected Cross Site Scriptng (XSS) vulnerability was found in /omrs/user/search.php in PHPGurukul Online Marriage Registration System v1.0, which allows remote attackers to execute arbitrary code via the "searchdata" POST request parameter. | |||||
| CVE-2024-50989 | 1 Phpgurukul | 1 Online Marriage Registration System | 2026-06-17 | N/A | 9.8 CRITICAL |
| A SQL injection vulnerability in /omrs/admin/search.php in PHPGurukul Online Marriage Registration System v1.0 allows an attacker to execute arbitrary SQL commands via the "searchdata " parameter. | |||||
| CVE-2024-50843 | 1 Phpgurukul | 1 User Registration \& Login And User Management System | 2026-06-17 | N/A | 5.3 MEDIUM |
| A Directory listing issue was found in PHPGurukul User Registration & Login and User Management System 3.2, which allows remote attackers attacker to access sensitive files and directories via /loginsystem/assets. | |||||
| CVE-2024-4294 | 1 Phpgurukul | 1 Doctor Appointment Management System | 2026-06-17 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability, which was classified as critical, has been found in PHPGurukul Doctor Appointment Management System 1.0. Affected by this issue is some unknown functionality of the file /doctor/view-appointment-detail.php. The manipulation of the argument editid leads to improper control of resource identifiers. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-262226 is the identifier assigned to this vulnerability. | |||||
| CVE-2024-4293 | 1 Phpgurukul | 1 Doctor Appointment Management System | 2026-06-17 | 4.0 MEDIUM | 3.5 LOW |
| A vulnerability classified as problematic was found in PHPGurukul Doctor Appointment Management System 1.0. Affected by this vulnerability is an unknown functionality of the file appointment-bwdates-reports-details.php. The manipulation of the argument fromdate/todate leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-262225 was assigned to this vulnerability. | |||||
| CVE-2024-48807 | 1 Phpgurukul | 1 Doctor Appointment Management System | 2026-06-17 | N/A | 5.4 MEDIUM |
| Cross Site Scripting vulnerability in PHPGurukul Doctor Appointment Management System v.1.0 allows a local attacker to execute arbitrary code via the search parameter. | |||||
| CVE-2024-48744 | 1 Phpgurukul | 1 Teachers Record Management System | 2026-06-17 | N/A | 6.1 MEDIUM |
| A Reflected Cross Site Scripting (XSS) vulnerability was found in /trms/listed- teachers.php in PHPGurukul Teachers Record Management System v2.1, which allows remote attackers to execute arbitrary code via "searchinput" POST request parameter. | |||||
| CVE-2024-48704 | 1 Phpgurukul | 1 Medical Card Generation System | 2026-06-17 | N/A | 6.1 MEDIUM |
| Phpgurukul Medical Card Generation System v1.0 is vulnerable to HTML Injection in admin/contactus.php via the parameter pagedes. | |||||
| CVE-2024-48702 | 1 Phpgurukul | 1 Old Age Home Management System | 2026-06-17 | N/A | 5.4 MEDIUM |
| PHPGurukul Old Age Home Management System v1.0 is vulnerable to HTML Injection via the searchdata parameter. | |||||
| CVE-2024-48570 | 1 Phpgurukul | 1 Client Management System | 2026-06-17 | N/A | 7.5 HIGH |
| Client Management System 1.0 was discovered to contain a SQL injection vulnerability via the Between Dates Reports parameter at /admin/bwdates-reports-ds.php. | |||||
| CVE-2024-48284 | 1 Phpgurukul | 1 User Registration \& Login And User Management System | 2026-06-17 | N/A | 4.8 MEDIUM |
| A Reflected Cross-Site Scripting (XSS) vulnerability was found in the /search-result.php page of the PHPGurukul User Registration & Login and User Management System 3.2. This vulnerability allows remote attackers to execute arbitrary scripts via the searchkey parameter in a POST HTTP request. | |||||
| CVE-2024-48283 | 1 Phpgurukul | 1 User Registration \& Login And User Management System | 2026-06-17 | N/A | 9.8 CRITICAL |
| Phpgurukul User Registration & Login and User Management System 3.2 is vulnerable to SQL Injection in /admin//search-result.php via the searchkey parameter. | |||||
| CVE-2024-48282 | 1 Phpgurukul | 1 User Registration \& Login And User Management System | 2026-06-17 | N/A | 7.6 HIGH |
| A SQL Injection vulnerability was found in /password-recovery.php of PHPGurukul User Registration & Login and User Management System 3.2, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database access via the femail parameter in a POST HTTP request. | |||||
| CVE-2024-48280 | 1 Phpgurukul | 1 User Registration \& Login And User Management System | 2026-06-17 | N/A | 7.6 HIGH |
| A SQL Injection vulnerability was found in /search-result.php of PHPGurukul User Registration & Login and User Management System 3.2, which allows remote attackers to execute arbitrary SQL command via the fromdate parameter in a POST HTTP request. | |||||
| CVE-2024-48279 | 1 Phpgurukul | 1 User Registration \& Login And User Management System | 2026-06-17 | N/A | 7.6 HIGH |
| A HTML Injection vulnerability was found in /search-result.php of PHPGurukul User Registration & Login and User Management System 3.2. This vulnerability allows remote attackers to execute arbitrary HTML code via the searchkey parameter in a POST HTTP request. | |||||
| CVE-2024-48278 | 1 Phpgurukul | 1 User Registration \& Login And User Management System | 2026-06-17 | N/A | 5.5 MEDIUM |
| Phpgurukul User Registration & Login and User Management System 3.2 is vulnerable to Cross Site Request Forgery (CSRF) via /edit-profile.php. | |||||
| CVE-2024-48170 | 1 Phpgurukul | 1 Small Crm | 2026-06-17 | N/A | 5.4 MEDIUM |
| PHPGurukul Small CRM 3.0 is vulnerable to Cross Site Scripting (XSS) via a crafted payload injected into the name in the profile.php. | |||||
| CVE-2024-46531 | 1 Phpgurukul | 1 Vehicle Record System | 2026-06-17 | N/A | 6.3 MEDIUM |
| phpgurukul Vehicle Record Management System v1.0 was discovered to contain a SQL injection vulnerability via the searchinputdata parameter at /index.php. | |||||
| CVE-2024-46335 | 1 Phpgurukul | 1 Complaint Management System | 2026-06-17 | N/A | 4.6 MEDIUM |
| PHPGurukul Complaint Management System 2.0 is vulnerble to Cross Site Scripting (XSS) via the fromdate and todate parameters in between-date-userreport.php. | |||||
