Filtered by vendor Phpgurukul
Subscribe
Total
221 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-42206 | 1 Phpgurukul | 1 Hospital Management System | 2023-12-10 | N/A | 5.4 MEDIUM |
PHPGurukul Hospital Management System In PHP V 4.0 is vulnerable to Cross Site Scripting (XSS) via doctor/view-patient.php, admin/view-patient.php, and view-medhistory.php. | |||||
CVE-2022-31383 | 1 Phpgurukul | 1 Directory Management System | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Directory Management System v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in view-directory.php. | |||||
CVE-2021-46110 | 1 Phpgurukul | 1 Online Shopping Portal | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Online Shopping Portal v3.1 was discovered to contain multiple time-based SQL injection vulnerabilities via the email and contactno parameters. | |||||
CVE-2022-24226 | 1 Phpgurukul | 1 Hospital Management System | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
Hospital Management System v4.0 was discovered to contain a blind SQL injection vulnerability via the register function in func2.php. | |||||
CVE-2022-28992 | 1 Phpgurukul | 1 Online Banquet Booking System | 2023-12-10 | 6.8 MEDIUM | 8.8 HIGH |
A Cross-Site Request Forgery (CSRF) in Online Banquet Booking System v1.0 allows attackers to change admin credentials via a crafted POST request. | |||||
CVE-2022-27351 | 1 Phpgurukul | 1 Zoo Management System | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Zoo Management System v1.0 was discovered to contain an arbitrary file upload vulnerability via /public_html/apply_vacancy. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file. | |||||
CVE-2022-29009 | 1 Phpgurukul | 1 Cyber Cafe Management System | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel of Cyber Cafe Management System Project v1.0 allows attackers to bypass authentication. | |||||
CVE-2022-27992 | 1 Phpgurukul | 1 Zoo Management System | 2023-12-10 | 6.5 MEDIUM | 8.8 HIGH |
Zoo Management System v1.0 was discovered to contain a SQL injection vulnerability at /public_html/animals via the class_id parameter. | |||||
CVE-2022-29008 | 1 Phpgurukul | 1 Bus Pass Management System | 2023-12-10 | 4.0 MEDIUM | 6.5 MEDIUM |
An insecure direct object reference (IDOR) vulnerability in the viewid parameter of Bus Pass Management System v1.0 allows attackers to access sensitive information. | |||||
CVE-2022-29006 | 1 Phpgurukul | 1 Directory Management System | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel of Directory Management System v1.0 allows attackers to bypass authentication. | |||||
CVE-2020-36062 | 1 Phpgurukul | 1 Dairy Farm Shop Management System | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Dairy Farm Shop Management System v1.0 was discovered to contain hardcoded credentials in the source code which allows attackers access to the control panel if compromised. | |||||
CVE-2022-31897 | 1 Phpgurukul | 1 Zoo Management System | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
SourceCodester Zoo Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via public_html/register_visitor?msg=. | |||||
CVE-2022-24646 | 1 Phpgurukul | 1 Hospital Management System | 2023-12-10 | 7.8 HIGH | 7.5 HIGH |
Hospital Management System v4.0 was discovered to contain a SQL injection vulnerability in /Hospital-Management-System-master/contact.php via the txtMsg parameters. | |||||
CVE-2022-29005 | 1 Phpgurukul | 1 Online Birth Certificate System | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
Multiple cross-site scripting (XSS) vulnerabilities in the component /obcs/user/profile.php of Online Birth Certificate System v1.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the fname or lname parameters. | |||||
CVE-2021-4232 | 1 Phpgurukul | 1 Zoo Management System | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
A vulnerability classified as problematic has been found in Zoo Management System 1.0. Affected is an unknown function of the file admin/manage-ticket.php. The manipulation with the input <script>alert(1)</script> leads to cross site scripting. It is possible to launch the attack remotely. | |||||
CVE-2022-31914 | 1 Phpgurukul | 1 Zoo Management System | 2023-12-10 | 3.5 LOW | 5.4 MEDIUM |
Zoo Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via zms/admin/public_html/save_animal?an_id=24. | |||||
CVE-2022-29004 | 1 Phpgurukul | 1 E-diary Management System | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
Diary Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the Name parameter in search-result.php. | |||||
CVE-2022-31384 | 1 Phpgurukul | 1 Directory Management System | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Directory Management System v1.0 was discovered to contain a SQL injection vulnerability via the fullname parameter in add-directory.php. | |||||
CVE-2022-29007 | 1 Phpgurukul | 1 Dairy Farm Shop Management System | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel of Dairy Farm Shop Management System v1.0 allows attackers to bypass authentication. | |||||
CVE-2022-31382 | 1 Phpgurukul | 1 Directory Management System | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Directory Management System v1.0 was discovered to contain a SQL injection vulnerability via the searchdata parameter in search-dirctory.php. |