Anujk305: Security Vulnerabilities
Phpgurukul Vehicle Record Management System v1.0 is vulnerable to Cross Site Scripting (XSS) in /edit-brand.php?bid={brandId}.
CVSS Score
6.1
EPSS Score
0.0
Published
2025-05-15
A vulnerability, which was classified as critical, has been found in PHPGurukul Notice Board System 1.0. Affected by this issue is some unknown functionality of the file /bwdates-reports-details.php?vid=2. The manipulation of the argument fromdate/tomdate leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
7.3
EPSS Score
0.0
Published
2025-05-05
A vulnerability, which was classified as critical, has been found in PHPGurukul Notice Board System 1.0. This issue affects some unknown processing of the file /category.php. The manipulation of the argument catname leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
7.3
EPSS Score
0.001
Published
2025-04-29
Phpgurukul Human Metapneumovirus (HMPV) – Testing Management System v1.0 is vulnerable to SQL Injection in /patient-report.php via the parameter searchdata..
CVSS Score
5.4
EPSS Score
0.001
Published
2025-03-21
Phpgurukul Vehicle Record Management System v1.0 is vulnerable to SQL Injection in /index.php via the 'searchinputdata' parameter.
CVSS Score
7.3
EPSS Score
0.001
Published
2025-03-21
PhpGurukul Medical Card Generation System v1.0 is vulnerable to Cross Site Scripting (XSS) in /admin/search-medicalcard.php via the searchdata parameter.
CVSS Score
4.8
EPSS Score
0.001
Published
2024-12-06
A vulnerability was found in PHPGurukul Medical Card Generation System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/changeimage.php of the component Managecard Edit Image Page. The manipulation of the argument editid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
4.7
EPSS Score
0.001
Published
2024-10-23
phpgurukul Bus Pass Management System 1.0 is vulnerable to Cross-site scripting (XSS) in /admin/pass-bwdates-reports-details.php via fromdate and todate parameters.
CVSS Score
4.8
EPSS Score
0.001
Published
2024-09-13
Daily Expenses Management System version 1.0, developed by PHP Gurukul, contains a time-based blind SQL injection vulnerability in the 'add-expense.php' page. An attacker can exploit the 'item' parameter in a POST request to execute arbitrary SQL commands in the backend database. This can be done by injecting specially crafted SQL queries that make the database perform time-consuming operations, thereby confirming the presence of the SQL injection vulnerability based on the delay in the server's response.
CVSS Score
7.3
EPSS Score
0.001
Published
2024-06-20
A vulnerability has been found in Online Banquet Booking System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /book-services.php of the component Service Booking. The manipulation of the argument message leads to cross site scripting. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-240943.
CVSS Score
3.5
EPSS Score
0.001
Published
2023-09-30