Phpgurukul: >> Covid19 Testing Management System Security Vulnerabilities
A vulnerability classified as critical was found in PHPGurukul COVID19 Testing Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /add-phlebotomist.php. The manipulation of the argument empid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
7.3
EPSS Score
0.0
Published
2025-04-27
A SQL Injection vulnerability was found in /covid-tms/check_availability.php in PHPGurukul COVID 19 Testing Management System v1.0, which allows remote attackers to execute arbitrary code via the mobnumber POST request parameter.
CVSS Score
9.8
EPSS Score
0.003
Published
2024-11-27
A Reflected Cross Site Scripting (XSS) vulnerability was found in /covid-tms/patient-search-report.php in PHPGurukul COVID 19 Testing Management System v1.0, which allows remote attackers to execute arbitrary code via the searchdata POST request parameter.
CVSS Score
4.8
EPSS Score
0.001
Published
2024-11-27
A SQL Injection vulnerability was found in /covid-tms/password-recovery.php in PHPGurukul COVID 19 Testing Management System v1.0, which allows remote attackers to execute arbitrary code via the contactno POST request parameter.
CVSS Score
7.3
EPSS Score
0.001
Published
2024-11-27
COVID19 Testing Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via the "Admin name" parameter.
CVSS Score
4.8
EPSS Score
0.002
Published
2021-05-26
COVID19 Testing Management System 1.0 is vulnerable to SQL Injection via the admin panel.
CVSS Score
9.8
EPSS Score
0.005
Published
2021-05-26
Page 2