Shodan
Vulnerabilities
Vulnerable Software
Phpgurukul:  >> User Registration & Login And User Management System  >> 3.2  Security Vulnerabilities
CVE-2024-48284
A Reflected Cross-Site Scripting (XSS) vulnerability was found in the /search-result.php page of the PHPGurukul User Registration & Login and User Management System 3.2. This vulnerability allows remote attackers to execute arbitrary scripts via the searchkey parameter in a POST HTTP request.
CVSS Score
4.8
EPSS Score
0.001
Published
2024-11-14
CVE-2024-50843
A Directory listing issue was found in PHPGurukul User Registration & Login and User Management System 3.2, which allows remote attackers attacker to access sensitive files and directories via /loginsystem/assets.
CVSS Score
5.3
EPSS Score
0.004
Published
2024-11-14
CVE-2024-48278
Phpgurukul User Registration & Login and User Management System 3.2 is vulnerable to Cross Site Request Forgery (CSRF) via /edit-profile.php.
CVSS Score
5.5
EPSS Score
0.002
Published
2024-10-15
CVE-2024-48279
A HTML Injection vulnerability was found in /search-result.php of PHPGurukul User Registration & Login and User Management System 3.2. This vulnerability allows remote attackers to execute arbitrary HTML code via the searchkey parameter in a POST HTTP request.
CVSS Score
7.6
EPSS Score
0.007
Published
2024-10-15
CVE-2024-48280
A SQL Injection vulnerability was found in /search-result.php of PHPGurukul User Registration & Login and User Management System 3.2, which allows remote attackers to execute arbitrary SQL command via the fromdate parameter in a POST HTTP request.
CVSS Score
7.6
EPSS Score
0.007
Published
2024-10-15
CVE-2024-48282
A SQL Injection vulnerability was found in /password-recovery.php of PHPGurukul User Registration & Login and User Management System 3.2, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database access via the femail parameter in a POST HTTP request.
CVSS Score
7.6
EPSS Score
0.012
Published
2024-10-15
CVE-2024-48283
Phpgurukul User Registration & Login and User Management System 3.2 is vulnerable to SQL Injection in /admin//search-result.php via the searchkey parameter.
CVSS Score
9.8
EPSS Score
0.001
Published
2024-10-15


Products
Pricing
Contact Us

Shodan ® - All rights reserved