Phpgurukul: Security Vulnerabilities
A vulnerability, which was classified as critical, was found in PHPGurukul/Campcodes Online Shopping Portal 2.1. This affects an unknown part of the file /search-result.php. The manipulation of the argument Product leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
5.3
EPSS Score
0.001
Published
2025-02-23
A SQL Injection vulnerability was found in /shopping/track-orders.php in PHPGurukul Online Shopping Portal v2.1, which allows remote attackers to execute arbitrary code via orderid POST request parameter.
CVSS Score
8.8
EPSS Score
0.027
Published
2025-02-14
A SQL Injection vulnerability was found in /admin/manage-propertytype.php in PHPGurukul Land Record System v1.0, which allows remote attackers to execute arbitrary code via the propertytype POST request parameter.
CVSS Score
7.2
EPSS Score
0.02
Published
2025-02-13
A SQL Injection vulnerability was found in /admin/edit-propertytype.php in PHPGurukul Land Record System v1.0, which allows remote attackers to execute arbitrary code via the editid GET request parameter.
CVSS Score
9.8
EPSS Score
0.021
Published
2025-02-13
A SQL Injection vulnerability was found in /admin/forgot-password.php in Phpgurukul Land Record System v1.0, which allows remote attackers to execute arbitrary code via the contactno POST request parameter.
CVSS Score
9.8
EPSS Score
0.021
Published
2025-02-13
A SQL Injection vulnerability was found in /admin/aboutus.php in PHPGurukul Land Record System v1.0, which allows remote attackers to execute arbitrary code via the pagetitle POST request parameter.
CVSS Score
7.2
EPSS Score
0.02
Published
2025-02-13
A SQL Injection was found in /admin/admin-profile.php in PHPGurukul Land Record System v1.0, which allows remote attackers to execute arbitrary code via the contactnumber POST request parameter.
CVSS Score
7.2
EPSS Score
0.02
Published
2025-02-13
A SQL Injection vulnerability was found in /admin/bwdates-reports-details.php in PHPGurukul Land Record System v1.0, which allows remote attackers to execute arbitrary code via the fromdate POST request parameter.
CVSS Score
7.2
EPSS Score
0.02
Published
2025-02-13
A SQL Injection vulnerability was found in /admin/bwdates-reports-details.php in PHPGurukul Land Record System v1.0, which allows remote attackers to execute arbitrary code via the " todate" POST request parameter.
CVSS Score
7.2
EPSS Score
0.027
Published
2025-02-13
A SQL Injection vulnerability was found in /admin/contactus.php in PHPGurukul Land Record System v1.0, which allows remote attackers to execute arbitrary code via the email POST request parameter.
CVSS Score
7.2
EPSS Score
0.027
Published
2025-02-13