Shodan
Vulnerabilities
Vulnerable Software
Phpgurukul:  Security Vulnerabilities
CVE-2021-42223
Cross Site Scripting (XSS).vulnerability exists in Online DJ Booking Management System 1.0 in view-booking-detail.php.
CVSS Score
6.1
EPSS Score
0.003
Published
2021-10-13
CVE-2021-42224
SQL Injection vulnerability exists in IFSC Code Finder Project 1.0 via the searchifsccode POST parameter in /search.php.
CVSS Score
9.8
EPSS Score
0.003
Published
2021-10-13
CVE-2021-27822
A persistent cross site scripting (XSS) vulnerability in the Add Categories module of Vehicle Parking Management System 1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the Category field.
CVSS Score
4.8
EPSS Score
0.002
Published
2021-08-19
CVE-2021-26762
SQL injection vulnerability in PHPGurukul Student Record System 4.0 allows remote attackers to execute arbitrary SQL statements, via the cid parameter to edit-course.php.
CVSS Score
8.8
EPSS Score
0.011
Published
2021-07-22
CVE-2021-26764
SQL injection vulnerability in PHPGurukul Student Record System v 4.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to edit-std.php.
CVSS Score
8.8
EPSS Score
0.031
Published
2021-07-22
CVE-2021-26765
SQL injection vulnerability in PHPGurukul Student Record System 4.0 allows remote attackers to execute arbitrary SQL statements, via the sid parameter to edit-sub.php.
CVSS Score
9.8
EPSS Score
0.037
Published
2021-07-22
CVE-2020-35427
SQL injection vulnerability in PHPGurukul Employee Record Management System 1.1 allows remote attackers to execute arbitrary SQL commands and bypass authentication.
CVSS Score
9.8
EPSS Score
0.011
Published
2021-07-20
CVE-2021-28423
Multiple SQL Injection vulnerabilities in Teachers Record Management System 1.0 thru 2.1 allow remote authenticated users to execute arbitrary SQL commands via the 'editid' GET parameter in edit-subjects-detail.php, edit-teacher-detail.php, or the 'searchdata' POST parameter in search.php.
CVSS Score
8.8
EPSS Score
0.017
Published
2021-07-01
CVE-2021-28424
A stored cross-site scripting (XSS) vulnerability in Teachers Record Management System 1.0 allows remote authenticated users to inject arbitrary web script or HTML via the 'email' POST parameter in adminprofile.php.
CVSS Score
5.4
EPSS Score
0.006
Published
2021-07-01
CVE-2020-22168
PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\change-emaild.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information.
CVSS Score
7.5
EPSS Score
0.022
Published
2021-06-22


Products
Pricing
Contact Us

Shodan ® - All rights reserved