Filtered by vendor Phpgurukul
Subscriptions
Total
488 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-40925 | 1 Phpgurukul | 1 Zoo Management System | 2024-11-21 | 7.2 High |
| Zoo Management System v1.0 has an arbitrary file upload vulnerability in the picture upload point of the "save_event" file of the "Events" module in the background management system. | ||||
| CVE-2022-40924 | 1 Phpgurukul | 1 Zoo Management System | 2024-11-21 | 7.2 High |
| Zoo Management System v1.0 has an arbitrary file upload vulnerability in the picture upload point of the "save_animal" file of the "Animals" module in the background management system. | ||||
| CVE-2022-36198 | 1 Phpgurukul | 1 Bus Pass Management System | 2024-11-21 | 9.8 Critical |
| Multiple SQL injections detected in Bus Pass Management System 1.0 via buspassms/admin/view-enquiry.php, buspassms/admin/pass-bwdates-reports-details.php, buspassms/admin/changeimage.php, buspassms/admin/search-pass.php, buspassms/admin/edit-category-detail.php, and buspassms/admin/edit-pass-detail.php | ||||
| CVE-2022-35156 | 1 Phpgurukul | 1 Bus Pass Management System | 2024-11-21 | 9.8 Critical |
| Bus Pass Management System 1.0 was discovered to contain a SQL Injection vulnerability via the searchdata parameter at /buspassms/download-pass.php.. | ||||
| CVE-2022-35155 | 1 Phpgurukul | 1 Bus Pass Management System | 2024-11-21 | 6.1 Medium |
| Bus Pass Management System v1.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the searchdata parameter. | ||||
| CVE-2022-33075 | 1 Phpgurukul | 1 Zoo Management System | 2024-11-21 | 5.4 Medium |
| A stored cross-site scripting (XSS) vulnerability in the Add Classification function of Zoo Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via unspecified vectors. | ||||
| CVE-2022-31914 | 1 Phpgurukul | 1 Zoo Management System | 2024-11-21 | 5.4 Medium |
| Zoo Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via zms/admin/public_html/save_animal?an_id=24. | ||||
| CVE-2022-31897 | 1 Phpgurukul | 1 Zoo Management System | 2024-11-21 | 6.1 Medium |
| SourceCodester Zoo Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via public_html/register_visitor?msg=. | ||||
| CVE-2022-31384 | 1 Phpgurukul | 1 Directory Management System | 2024-11-21 | 9.8 Critical |
| Directory Management System v1.0 was discovered to contain a SQL injection vulnerability via the fullname parameter in add-directory.php. | ||||
| CVE-2022-31383 | 1 Phpgurukul | 1 Directory Management System | 2024-11-21 | 9.8 Critical |
| Directory Management System v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in view-directory.php. | ||||
| CVE-2022-31382 | 1 Phpgurukul | 1 Directory Management System | 2024-11-21 | 9.8 Critical |
| Directory Management System v1.0 was discovered to contain a SQL injection vulnerability via the searchdata parameter in search-dirctory.php. | ||||
| CVE-2022-30930 | 1 Phpgurukul | 1 Tourism Management System | 2024-11-21 | 4.3 Medium |
| Tourism Management System Version: V 3.2 is affected by: Cross Site Request Forgery (CSRF). | ||||
| CVE-2022-29009 | 1 Phpgurukul | 1 Cyber Cafe Management System | 2024-11-21 | 9.8 Critical |
| Multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel of Cyber Cafe Management System Project v1.0 allows attackers to bypass authentication. | ||||
| CVE-2022-29008 | 1 Phpgurukul | 1 Bus Pass Management System | 2024-11-21 | 6.5 Medium |
| An insecure direct object reference (IDOR) vulnerability in the viewid parameter of Bus Pass Management System v1.0 allows attackers to access sensitive information. | ||||
| CVE-2022-29007 | 1 Phpgurukul | 1 Dairy Farm Shop Management System | 2024-11-21 | 9.8 Critical |
| Multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel of Dairy Farm Shop Management System v1.0 allows attackers to bypass authentication. | ||||
| CVE-2022-29006 | 1 Phpgurukul | 1 Directory Management System | 2024-11-21 | 9.8 Critical |
| Multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel of Directory Management System v1.0 allows attackers to bypass authentication. | ||||
| CVE-2022-29005 | 1 Phpgurukul | 1 Online Birth Certificate System | 2024-11-21 | 6.1 Medium |
| Multiple cross-site scripting (XSS) vulnerabilities in the component /obcs/user/profile.php of Online Birth Certificate System v1.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the fname or lname parameters. | ||||
| CVE-2022-29004 | 1 Phpgurukul | 1 E-diary Management System | 2024-11-21 | 6.1 Medium |
| Diary Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the Name parameter in search-result.php. | ||||
| CVE-2022-28992 | 1 Phpgurukul | 1 Online Banquet Booking System | 2024-11-21 | 8.8 High |
| A Cross-Site Request Forgery (CSRF) in Online Banquet Booking System v1.0 allows attackers to change admin credentials via a crafted POST request. | ||||
| CVE-2022-27992 | 1 Phpgurukul | 1 Zoo Management System | 2024-11-21 | 8.8 High |
| Zoo Management System v1.0 was discovered to contain a SQL injection vulnerability at /public_html/animals via the class_id parameter. | ||||