Vulnerabilities (CVE)

Filtered by vendor Phpgurukul Subscribe
Total 1062 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-44636 1 Phpgurukul 1 Student Record System 2026-06-17 N/A 6.5 MEDIUM
PHPGurukul Student Record System 3.20 is vulnerable to SQL Injection via the adminname and aemailid parameters in /admin-profile.php.
CVE-2024-44635 1 Phpgurukul 1 Student Record System 2026-06-17 N/A 6.1 MEDIUM
PHPGurukul Student Record System 3.20 is vulnerable to Cross Site Scripting (XSS) via adminname and aemailid parameters in /admin-profile.php.
CVE-2024-44633 1 Phpgurukul 1 Student Record System 2026-06-17 N/A 6.5 MEDIUM
PHPGurukul Student Record System 3.20 is vulnerable to SQL Injection via the currentpassword parameter in change-password.php.
CVE-2024-44632 1 Phpgurukul 1 Student Record System 2026-06-17 N/A 6.5 MEDIUM
PHPGurukul Student Record System 3.20 is vulnerable to SQL Injection via the id and emailid parameters in password-recovery.php.
CVE-2024-44630 1 Phpgurukul 1 Student Record System 2026-06-17 N/A 6.5 MEDIUM
Multiple parameters in register.php in PHPGurukul Student Record System 3.20 are vulnerable to SQL injection. These include: c-full, fname, mname,lname, gname, ocp, nation, mobno, email, board1, roll1, pyear1, board2, roll2, pyear2, sub1,marks1, sub2, course-short, income, category, ph, country, state, city, padd, cadd, and gender.
CVE-2024-41333 1 Phpgurukul 1 Tourism Management System 2026-06-17 N/A 6.1 MEDIUM
A reflected cross-site scripting (XSS) vulnerability in Phpgurukul Tourism Management System v2.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload into the uname parameter.
CVE-2024-40484 1 Phpgurukul 1 Old Age Home Management System 2026-06-17 N/A 6.1 MEDIUM
A Reflected Cross Site Scripting (XSS) vulnerability was found in "/oahms/search.php" in PHPGurukul Old Age Home Management System v1.0, which allows remote attackers to execute arbitrary code via the "searchdata" parameter.
CVE-2024-40481 1 Phpgurukul 1 Old Age Home Management System 2026-06-17 N/A 5.4 MEDIUM
A Stored Cross Site Scripting (XSS) vulnerability was found in "/admin/view-enquiry.php" in PHPGurukul Old Age Home Management System v1.0, which allows remote attackers to execute arbitrary code via the Contact Us page "message" parameter.
CVE-2024-40477 1 Phpgurukul 1 Old Age Home Management System 2026-06-17 N/A 9.8 CRITICAL
A SQL injection vulnerability in "/oahms/admin/forgot-password.php" in PHPGurukul Old Age Home Management System v1.0 allows an attacker to execute arbitrary SQL commands via the "email" parameter.
CVE-2024-3771 1 Phpgurukul 1 Student Record System 2026-06-17 6.5 MEDIUM 6.3 MEDIUM
A vulnerability was found in PHPGurukul Student Record System 3.20 and classified as critical. Affected by this issue is some unknown functionality of the file /edit-subject.php. The manipulation of the argument sub1/sub2/sub3/sub4/udate leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-260618 is the identifier assigned to this vulnerability.
CVE-2024-3770 1 Phpgurukul 1 Student Record System 2026-06-17 6.5 MEDIUM 6.3 MEDIUM
A vulnerability has been found in PHPGurukul Student Record System 3.20 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /manage-courses.php?del=1. The manipulation of the argument del leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-260617 was assigned to this vulnerability.
CVE-2024-3769 1 Phpgurukul 1 Student Record System 2026-06-17 7.5 HIGH 7.3 HIGH
A vulnerability, which was classified as critical, was found in PHPGurukul Student Record System 3.20. Affected is an unknown function of the file /login.php. The manipulation of the argument id/password leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-260616.
CVE-2024-3768 1 Phpgurukul 1 News Portal Project 2026-06-17 6.5 MEDIUM 6.3 MEDIUM
A vulnerability, which was classified as critical, has been found in PHPGurukul/itsourcecode News Portal 4.1. This issue affects some unknown processing of the file search.php. The manipulation of the argument searchtitle leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-260615.
CVE-2024-3767 1 Phpgurukul 1 News Portal Project 2026-06-17 6.5 MEDIUM 6.3 MEDIUM
A vulnerability classified as critical was found in PHPGurukul News Portal 4.1. This vulnerability affects unknown code of the file /admin/edit-post.php. The manipulation of the argument posttitle/category leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
CVE-2024-3691 1 Phpgurukul 1 Small Crm 2026-06-17 7.5 HIGH 7.3 HIGH
A vulnerability, which was classified as critical, has been found in PHPGurukul Small CRM 3.0. Affected by this issue is some unknown functionality of the component Registration Page. The manipulation leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-260480.
CVE-2024-3690 1 Phpgurukul 1 Small Crm 2026-06-17 6.5 MEDIUM 6.3 MEDIUM
A vulnerability classified as critical was found in PHPGurukul Small CRM 3.0. Affected by this vulnerability is an unknown functionality of the component Change Password Handler. The manipulation leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-260479.
CVE-2024-3091 1 Phpgurukul 1 Emergency Ambulance Hiring Portal 2026-06-17 3.3 LOW 2.4 LOW
A vulnerability was found in PHPGurukul Emergency Ambulance Hiring Portal 1.0. It has been classified as problematic. Affected is an unknown function of the file /admin/search.php of the component Search Request Page. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-258684.
CVE-2024-3090 1 Phpgurukul 1 Emergency Ambulance Hiring Portal 2026-06-17 3.3 LOW 2.4 LOW
A vulnerability was found in PHPGurukul Emergency Ambulance Hiring Portal 1.0 and classified as problematic. This issue affects some unknown processing of the file /admin/add-ambulance.php of the component Add Ambulance Page. The manipulation of the argument Ambulance Reg No/Driver Name leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-258683.
CVE-2024-3089 1 Phpgurukul 1 Emergency Ambulance Hiring Portal 2026-06-17 5.0 MEDIUM 4.3 MEDIUM
A vulnerability has been found in PHPGurukul Emergency Ambulance Hiring Portal 1.0 and classified as problematic. This vulnerability affects unknown code of the file /admin/manage-ambulance.php of the component Manage Ambulance Page. The manipulation of the argument del leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-258682 is the identifier assigned to this vulnerability.
CVE-2024-3088 1 Phpgurukul 1 Emergency Ambulance Hiring Portal 2026-06-17 7.5 HIGH 7.3 HIGH
A vulnerability, which was classified as critical, was found in PHPGurukul Emergency Ambulance Hiring Portal 1.0. This affects an unknown part of the file /admin/forgot-password.php of the component Forgot Password Page. The manipulation of the argument username leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-258681 was assigned to this vulnerability.