Shodan
Vulnerabilities
Vulnerable Software
Phpgurukul:  >> Client Management System  Security Vulnerabilities
CVE-2024-51209
Cross-Site Scripting (XSS) vulnerabilities in Anuj Kumar's Client Management System Version 1.2 allow local attackers to inject arbitrary web script or HTML via the search input field parameter to admin search invoice page and client search invoice page.
CVSS Score
5.4
EPSS Score
0.0
Published
2024-11-20
CVE-2024-48570
Client Management System 1.0 was discovered to contain a SQL injection vulnerability via the Between Dates Reports parameter at /admin/bwdates-reports-ds.php.
CVSS Score
7.5
EPSS Score
0.001
Published
2024-10-22
CVE-2024-30989
Cross Site Scripting vulnerability in /edit-client-details.php of phpgurukul Client Management System using PHP & MySQL 1.1 allows attackers to execute arbitrary code via the "cname", "comname", "state" and "city" parameter.
CVSS Score
5.4
EPSS Score
0.002
Published
2024-04-17
CVE-2024-30990
SQL Injection vulnerability in the "Invoices" page in phpgurukul Client Management System using PHP & MySQL 1.1 allows attacker to execute arbitrary SQL commands via "searchdata" parameter.
CVSS Score
9.8
EPSS Score
0.001
Published
2024-04-17
CVE-2024-30985
SQL Injection vulnerability in "B/W Dates Reports" page in phpgurukul Client Management System using PHP & MySQL 1.1 allows attacker to execute arbitrary SQL commands via "todate" and "fromdate" parameters.
CVSS Score
9.8
EPSS Score
0.001
Published
2024-04-17
CVE-2024-30986
Cross Site Scripting vulnerability in /edit-services-details.php of phpgurukul Client Management System using PHP & MySQL 1.1 allows attackers to execute arbitrary code and via "price" and "sname" parameter.
CVSS Score
6.5
EPSS Score
0.002
Published
2024-04-17
CVE-2024-30987
Cross Site Scripting vulnerability in /bwdates-reports-ds.php of phpgurukul Client Management System using PHP & MySQL 1.1 allows attackers to execute arbitrary code and obtain sensitive information via the fromdate and todate parameters.
CVSS Score
6.8
EPSS Score
0.003
Published
2024-04-17
CVE-2024-30988
Cross Site Scripting vulnerability in /search-invoices.php of phpgurukul Client Management System using PHP & MySQL 1.1 allows attackers to execute arbitrary code and obtain sensitive information via the Search bar.
CVSS Score
6.8
EPSS Score
0.003
Published
2024-04-17


Products
Pricing
Contact Us

Shodan ® - All rights reserved