Vulnerabilities > Phpgurukul > Online Shopping Portal > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-18 | CVE-2023-38890 | SQL Injection vulnerability in PHPgurukul Online Shopping Portal 3.1 Online Shopping Portal Project 3.1 allows remote attackers to execute arbitrary SQL commands/queries via the login form, leading to unauthorized access and potential data manipulation. | 8.8 |
| 2023-08-01 | CVE-2023-37772 | SQL Injection vulnerability in PHPgurukul Online Shopping Portal 3.1 Online Shopping Portal Project v3.1 was discovered to contain a SQL injection vulnerability via the Email parameter at /shopping/login.php. | 8.8 |
| 2021-10-27 | CVE-2021-37807 | SQL Injection vulnerability in PHPgurukul Online Shopping Portal 3.1 An SQL Injection vulneraility exists in https://phpgurukul.com Online Shopping Portal 3.1 via the email parameter on the /check_availability.php endpoint that serves as a checker whether a new user's email is already exist within the database. | 7.5 |