Shodan
Vulnerabilities
Vulnerable Software
Phpgurukul:  Security Vulnerabilities
CVE-2025-25387
A SQL Injection vulnerability was found in /admin/manage-propertytype.php in PHPGurukul Land Record System v1.0, which allows remote attackers to execute arbitrary code via the propertytype POST request parameter.
CVSS Score
7.2
EPSS Score
0.004
Published
2025-02-13
CVE-2025-25388
A SQL Injection vulnerability was found in /admin/edit-propertytype.php in PHPGurukul Land Record System v1.0, which allows remote attackers to execute arbitrary code via the editid GET request parameter.
CVSS Score
9.8
EPSS Score
0.005
Published
2025-02-13
CVE-2025-25389
A SQL Injection vulnerability was found in /admin/forgot-password.php in Phpgurukul Land Record System v1.0, which allows remote attackers to execute arbitrary code via the contactno POST request parameter.
CVSS Score
9.8
EPSS Score
0.005
Published
2025-02-13
CVE-2025-25352
A SQL Injection vulnerability was found in /admin/aboutus.php in PHPGurukul Land Record System v1.0, which allows remote attackers to execute arbitrary code via the pagetitle POST request parameter.
CVSS Score
7.2
EPSS Score
0.004
Published
2025-02-13
CVE-2025-25354
A SQL Injection was found in /admin/admin-profile.php in PHPGurukul Land Record System v1.0, which allows remote attackers to execute arbitrary code via the contactnumber POST request parameter.
CVSS Score
7.2
EPSS Score
0.004
Published
2025-02-13
CVE-2025-25355
A SQL Injection vulnerability was found in /admin/bwdates-reports-details.php in PHPGurukul Land Record System v1.0, which allows remote attackers to execute arbitrary code via the fromdate POST request parameter.
CVSS Score
7.2
EPSS Score
0.004
Published
2025-02-13
CVE-2025-25356
A SQL Injection vulnerability was found in /admin/bwdates-reports-details.php in PHPGurukul Land Record System v1.0, which allows remote attackers to execute arbitrary code via the " todate" POST request parameter.
CVSS Score
7.2
EPSS Score
0.004
Published
2025-02-13
CVE-2025-25357
A SQL Injection vulnerability was found in /admin/contactus.php in PHPGurukul Land Record System v1.0, which allows remote attackers to execute arbitrary code via the email POST request parameter.
CVSS Score
7.2
EPSS Score
0.004
Published
2025-02-13
CVE-2025-25349
PHPGurukul Daily Expense Tracker System v1.1 is vulnerable to SQL Injection in /dets/add-expense.php via the costitem parameter.
CVSS Score
9.8
EPSS Score
0.001
Published
2025-02-12
CVE-2025-25351
PHPGurukul Daily Expense Tracker System v1.1 is vulnerable to SQL Injection in /dets/add-expense.php via the dateexpense parameter.
CVSS Score
9.8
EPSS Score
0.001
Published
2025-02-12


Products
Pricing
Contact Us

Shodan ® - All rights reserved