Filtered by vendor Phpgurukul
Subscriptions
Total
488 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-37781 | 1 Phpgurukul | 1 Employee Record Management System | 2024-11-21 | 5.4 Medium |
| Employee Record Management System v 1.2 is vulnerable to Cross Site Scripting (XSS) via editempprofile.php. | ||||
| CVE-2021-35388 | 1 Phpgurukul | 1 Hospital Management System | 2024-11-21 | 5.4 Medium |
| Hospital Management System v 4.0 is vulnerable to Cross Site Scripting (XSS) via /hospital/hms/admin/patient-search.php. | ||||
| CVE-2021-35387 | 1 Phpgurukul | 1 Hospital Management System | 2024-11-21 | 8.8 High |
| Hospital Management System v 4.0 is vulnerable to SQL Injection via file:hospital/hms/admin/view-patient.php. | ||||
| CVE-2021-33470 | 1 Phpgurukul | 1 Covid19 Testing Management System | 2024-11-21 | 9.8 Critical |
| COVID19 Testing Management System 1.0 is vulnerable to SQL Injection via the admin panel. | ||||
| CVE-2021-33469 | 1 Phpgurukul | 1 Covid19 Testing Management System | 2024-11-21 | 4.8 Medium |
| COVID19 Testing Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via the "Admin name" parameter. | ||||
| CVE-2021-28424 | 1 Phpgurukul | 1 Teachers Record Management System | 2024-11-21 | 5.4 Medium |
| A stored cross-site scripting (XSS) vulnerability in Teachers Record Management System 1.0 allows remote authenticated users to inject arbitrary web script or HTML via the 'email' POST parameter in adminprofile.php. | ||||
| CVE-2021-28423 | 1 Phpgurukul | 1 Teachers Record Management System | 2024-11-21 | 8.8 High |
| Multiple SQL Injection vulnerabilities in Teachers Record Management System 1.0 allow remote authenticated users to execute arbitrary SQL commands via the 'editid' GET parameter in edit-subjects-detail.php, edit-teacher-detail.php, or the 'searchdata' POST parameter in search.php. | ||||
| CVE-2021-27822 | 1 Phpgurukul | 1 Vehicle Parking Management System | 2024-11-21 | 4.8 Medium |
| A persistent cross site scripting (XSS) vulnerability in the Add Categories module of Vehicle Parking Management System 1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the Category field. | ||||
| CVE-2021-27545 | 1 Phpgurukul | 1 Beauty Parlour Management System | 2024-11-21 | 6.5 Medium |
| SQL Injection in the "add-services.php" component of PHPGurukul Beauty Parlour Management System v1.0 allows remote attackers to obtain sensitive database information by injecting SQL commands into the "sername" parameter. | ||||
| CVE-2021-27544 | 1 Phpgurukul | 1 Beauty Parlour Management System | 2024-11-21 | 4.8 Medium |
| Cross Site Scripting (XSS) in the "add-services.php" component of PHPGurukul Beauty Parlour Management System v1.0 allows remote attackers to execute arbitrary code by injecting arbitrary HTML into the "sername" parameter. | ||||
| CVE-2021-26822 | 1 Phpgurukul | 1 Teachers Record Management System | 2024-11-21 | 9.8 Critical |
| Teachers Record Management System 1.0 is affected by a SQL injection vulnerability in 'searchteacher' POST parameter in search-teacher.php. This vulnerability can be exploited by a remote unauthenticated attacker to leak sensitive information and perform code execution attacks. | ||||
| CVE-2021-26809 | 1 Phpgurukul | 1 Car Rental Portal | 2024-11-21 | 9.8 Critical |
| PHPGurukul Car Rental Project version 2.0 suffers from a remote shell upload vulnerability in changeimage1.php. | ||||
| CVE-2021-26765 | 1 Phpgurukul | 1 Student Record System | 2024-11-21 | 9.8 Critical |
| SQL injection vulnerability in PHPGurukul Student Record System 4.0 allows remote attackers to execute arbitrary SQL statements, via the sid parameter to edit-sub.php. | ||||
| CVE-2021-26764 | 1 Phpgurukul | 1 Student Record System | 2024-11-21 | 8.8 High |
| SQL injection vulnerability in PHPGurukul Student Record System v 4.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to edit-std.php. | ||||
| CVE-2021-26762 | 1 Phpgurukul | 1 Student Record System | 2024-11-21 | 8.8 High |
| SQL injection vulnerability in PHPGurukul Student Record System 4.0 allows remote attackers to execute arbitrary SQL statements, via the cid parameter to edit-course.php. | ||||
| CVE-2021-26304 | 1 Phpgurukul | 1 Daily Expense Tracker System | 2024-11-21 | 5.4 Medium |
| PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to stored XSS via the add-expense.php Item parameter. | ||||
| CVE-2021-26303 | 1 Phpgurukul | 1 Daily Expense Tracker System | 2024-11-21 | 6.1 Medium |
| PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to stored XSS via the user-profile.php Full Name field. | ||||
| CVE-2020-5510 | 1 Phpgurukul | 1 Hostel Management System | 2024-11-21 | 9.8 Critical |
| PHPGurukul Hostel Management System v2.0 allows SQL injection via the id parameter in the full-profile.php file. | ||||
| CVE-2020-5509 | 1 Phpgurukul | 1 Car Rental Portal | 2024-11-21 | 7.2 High |
| PHPGurukul Car Rental Project v1.0 allows Remote Code Execution via an executable file in an upload of a new profile image. | ||||
| CVE-2020-5308 | 1 Phpgurukul | 1 Dairy Farm Shop Management System | 2024-11-21 | 6.1 Medium |
| PHPGurukul Dairy Farm Shop Management System 1.0 is vulnerable to XSS, as demonstrated by the category and CategoryCode parameters in add-category.php, the CompanyName parameter in add-company.php, and the ProductName parameter in add-product.php. | ||||