Vulnerabilities > Phpgurukul

DATE CVE VULNERABILITY TITLE RISK
2024-02-08 CVE-2024-24497 SQL Injection vulnerability in PHPgurukul Employee Management System 1.0
SQL Injection vulnerability in Employee Management System v.1.0 allows a remote attacker to execute arbitrary SQL commands via the txtusername and txtpassword parameters in the login.php component.
network, low complexity, phpgurukul CWE-89, critical, 9.8

2024-02-08 CVE-2024-24498 Unrestricted Upload of File with Dangerous Type vulnerability in PHPgurukul Employee Management System 1.0
Unrestricted File Upload vulnerability in Employee Management System 1.0 allows a remote attacker to execute arbitrary code via the edit-photo.php component.
network, low complexity, phpgurukul CWE-434, critical, 9.8

2024-02-08 CVE-2024-24499 SQL Injection vulnerability in PHPgurukul Employee Management System 1.0
SQL Injection vulnerability in Employee Management System v.1.0 allows a remote attacker to execute arbitrary SQL commands via the txtfullname and txtphone parameters in the edit_profile.php component.
network, low complexity, phpgurukul CWE-89, critical, 9.8

2024-01-18 CVE-2024-0651 SQL Injection vulnerability in PHPgurukul Company Visitor Management System 1.0
A vulnerability was found in PHPGurukul Company Visitor Management System 1.0.
network, low complexity, phpgurukul CWE-89, 7.2

2024-01-18 CVE-2024-0652 Cross-site Scripting vulnerability in PHPgurukul Company Visitor Management System 1.0
A vulnerability was found in PHPGurukul Company Visitor Management System 1.0.
network, low complexity, phpgurukul CWE-79, 4.8

2024-01-13 CVE-2024-0476 Cross-site Scripting vulnerability in PHPgurukul Blood Bank & Donor Management System 1.0
A vulnerability, which was classified as problematic, was found in Blood Bank & Donor Management 1.0.
network, low complexity, phpgurukul CWE-79, 4.8

2024-01-12 CVE-2023-51978 SQL Injection vulnerability in PHPgurukul ART Gallery Management System 1.1
In PHPGurukul Art Gallery Management System v1.1, the "imageid" parameter of the "Update Artist Image" functionality is vulnerable to SQL Injection.
network, low complexity, phpgurukul CWE-89, 6.5

2024-01-12 CVE-2024-0459 SQL Injection vulnerability in PHPgurukul Blood Bank & Donor Management System
A vulnerability has been found in Blood Bank & Donor Management 5.6 and classified as critical.
network, low complexity, phpgurukul CWE-89, 7.2

2024-01-10 CVE-2020-26627 SQL Injection vulnerability in PHPgurukul Hospital Management System 4.0
A Time-Based SQL Injection vulnerability was discovered in Hospital Management System V4.0 which can allow an attacker to dump database information via a crafted payload entered into the 'Admin Remark' parameter under the 'Contact Us Queries -> Unread Query' tab.
network, low complexity, phpgurukul CWE-89, 4.9

2024-01-10 CVE-2020-26628 Cross-site Scripting vulnerability in PHPgurukul Hospital Management System 4.0
A Cross-Site Scripting (XSS) vulnerability was discovered in Hospital Management System V4.0 which allows an attacker to execute arbitrary web scripts or HTML code via a malicious payload appended to a username on the 'Edit Profile' page and triggered by another user visiting the profile.
network, low complexity, phpgurukul CWE-79, 6.1