Shodan
Vulnerabilities
Vulnerable Software
Phpgurukul:  >> Rail Pass Management System  >> 1.0  Security Vulnerabilities
CVE-2025-4039
A vulnerability was found in PHPGurukul Rail Pass Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/search-pass.php. The manipulation of the argument searchdata leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
7.3
EPSS Score
0.0
Published
2025-04-28
CVE-2023-31932
Sql injection vulnerability found in Rail Pass Management System v.1.0 allows a remote attacker to execute arbitrary code via the viewid parameter of the view-enquiry.php file.
CVSS Score
7.2
EPSS Score
0.01
Published
2023-07-28
CVE-2023-31933
Sql injection vulnerability found in Rail Pass Management System v.1.0 allows a remote attacker to execute arbitrary code via the editid parameter of the edit-pass-detail.php file.
CVSS Score
7.2
EPSS Score
0.009
Published
2023-07-28
CVE-2023-31934
Cross Site Scripting vulnerability found in Rail Pass Management System v.1.0 allows a remote attacker to obtain sensitive information via the adminname parameter of admin-profile.php.
CVSS Score
4.8
EPSS Score
0.001
Published
2023-07-28
CVE-2023-31935
Cross Site Scripting vulnerability found in Rail Pass Management System v.1.0 allows a remote attacker to obtain sensitive information via the emial parameter of admin-profile.php.
CVSS Score
4.8
EPSS Score
0.001
Published
2023-07-28
CVE-2023-31936
Sql injection vulnerability found in Rail Pass Management System v.1.0 allows a remote attacker to execute arbitrary code via the viewid parameter of the view-pass-detail.php file.
CVSS Score
7.2
EPSS Score
0.009
Published
2023-07-28
CVE-2023-31937
Sql injection vulnerability found in Rail Pass Management System v.1.0 allows a remote attacker to execute arbitrary code via the editid parameter of the edit-cateogry-detail.php file.
CVSS Score
7.2
EPSS Score
0.008
Published
2023-07-28
CVE-2023-3275
A vulnerability classified as critical was found in PHPGurukul Rail Pass Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /view-pass-detail.php of the component POST Request Handler. The manipulation of the argument searchdata leads to sql injection. The attack can be launched remotely. The identifier VDB-231625 was assigned to this vulnerability.
CVSS Score
6.3
EPSS Score
0.0
Published
2023-06-15


Products
Pricing
Contact Us

Shodan ® - All rights reserved