Security Vulnerabilities
PHPGurukul Online Shopping Portal 2.0 is vulnerable to SQL Injection via the product parameter in search-result.php.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-11-17
PHPGurukul Complaint Management System 2.0 is vulnerble to Cross Site Scripting (XSS) via the fromdate and todate parameters in between-date-userreport.php.
CVSS Score
4.6
EPSS Score
0.0
Published
2025-11-17
PHPGurukul Complaint Management System 2.0 is vulnerable to SQL Injection via the email and mobileno parameters in reset-password.php.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-11-17
PHPGurukul Complaint Management System 2.0 is vulnerable to Cross Site Scripting (XSS) via the search parameter in user-search.php.
CVSS Score
6.1
EPSS Score
0.0
Published
2025-11-17
PHPGurukul Complaint Management System 2.0 is vulnerable to SQL Injection via the subcategory and category parameters in subcategory.php.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-11-17
CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVSS Score
6.8
EPSS Score
0.001
Published
2025-11-17
Multiple CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
CVSS Score
4.8
EPSS Score
0.0
Published
2025-11-17
Multiple CWE-352 Cross-Site Request Forgery (CSRF)
CVSS Score
4.5
EPSS Score
0.0
Published
2025-11-17
CWE-20 Improper Input Validation
CVSS Score
4.5
EPSS Score
0.001
Published
2025-11-17
CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
CVSS Score
4.8
EPSS Score
0.0
Published
2025-11-17