Phpgurukul: >> Online Birth Certificate System Security Vulnerabilities
A Stored Cross-Site Scripting (XSS) vulnerability was identified in the PHPGURUKUL Online Birth Certificate System v1.0 via the profile name to /user/certificate-form.php.
CVSS Score
5.4
EPSS Score
0.001
Published
2025-02-03
A stored cross-site scripting (XSS) vulnerability was identified in Phpgurukul Online Birth Certificate System 1.0 in /user/certificate-form.php via the full name field.
CVSS Score
5.4
EPSS Score
0.0
Published
2024-12-17
Phpgurukul Online Birth Certificate System 1.0 suffers from insufficient password requirements which can lead to unauthorized access to user accounts.
CVSS Score
5.4
EPSS Score
0.0
Published
2024-12-17
An insecure direct object reference (IDOR) vulnerability was discovered in PHPGurukul Online Birth Certificate System v1.0. This vulnerability resides in the viewid parameter of /user/view-application-detail.php. Authenticated users can exploit this flaw by manipulating the viewid parameter in the URL to access sensitive birth certificate details of other users without proper authorization checks.
CVSS Score
4.3
EPSS Score
0.0
Published
2024-12-17
A stored HTML Injection vulnerability was identified in PHPGurukul Online Birth Certificate System v1.0 in /user/certificate-form.php.
CVSS Score
6.1
EPSS Score
0.0
Published
2024-12-17
Multiple cross-site scripting (XSS) vulnerabilities in the component /obcs/user/profile.php of Online Birth Certificate System v1.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the fname or lname parameters.
CVSS Score
6.1
EPSS Score
0.339
Published
2022-05-23