Phpgurukul: >> Employee Record Management System Security Vulnerabilities
A vulnerability has been found in PHPGurukul Employee Record Management System 1.3 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /editmyeducation.php. The manipulation of the argument coursepg/yophsc leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
CVSS Score
7.3
EPSS Score
0.001
Published
2025-05-02
A vulnerability, which was classified as critical, was found in PHPGurukul Employee Record Management System 1.3. Affected is an unknown function of the file changepassword.php. The manipulation of the argument currentpassword leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
7.3
EPSS Score
0.0
Published
2025-05-01
Employee Record Management System v 1.2 is vulnerable to SQL Injection via editempprofile.php.
CVSS Score
9.8
EPSS Score
0.003
Published
2022-10-28
Employee Record Management System v 1.2 is vulnerable to Cross Site Scripting (XSS) via editempprofile.php.
CVSS Score
5.4
EPSS Score
0.005
Published
2022-10-28
Directory traversal vulnerability in /admin/includes/* directory for PHPGURUKUL Employee Record Management System 1.2 The attacker can retrieve and download sensitive information from the vulnerable server.
CVSS Score
7.5
EPSS Score
0.006
Published
2021-12-13
SQL injection bypass authentication vulnerability in PHPGURUKUL Employee Record Management System 1.2 via index.php. An attacker can log in as an admin account of this system and can destroy, change or manipulate all sensitive information on the system.
CVSS Score
9.8
EPSS Score
0.001
Published
2021-12-13
SQL Injection vulnerability exists in PHPGURUKUL Employee Record Management System 1.2 via the Email POST parameter in /forgetpassword.php.
CVSS Score
9.8
EPSS Score
0.015
Published
2021-12-01
SQL injection vulnerability in PHPGurukul Employee Record Management System 1.1 allows remote attackers to execute arbitrary SQL commands and bypass authentication.
CVSS Score
9.8
EPSS Score
0.011
Published
2021-07-20
Page 2