Vulnerabilities > Phpgurukul

DATE CVE VULNERABILITY TITLE RISK
2024-10-19 CVE-2024-10155 Cross-site Scripting vulnerability in PHPgurukul Boat Booking System 1.0
A vulnerability was found in PHPGurukul Boat Booking System 1.0.
network
low complexity
phpgurukul CWE-79
6.1
6.1
2024-10-19 CVE-2024-10156 SQL Injection vulnerability in PHPgurukul Boat Booking System 1.0
A vulnerability was found in PHPGurukul Boat Booking System 1.0.
network
low complexity
phpgurukul CWE-89
critical
 9.8
9.8
2024-10-19 CVE-2024-10154 SQL Injection vulnerability in PHPgurukul Boat Booking System 1.0
A vulnerability was found in PHPGurukul Boat Booking System 1.0 and classified as critical.
network
low complexity
phpgurukul CWE-89
critical
 9.8
9.8
2024-10-19 CVE-2024-10153 Injection vulnerability in PHPgurukul Boat Booking System 1.0
A vulnerability has been found in PHPGurukul Boat Booking System 1.0 and classified as critical.
network
low complexity
phpgurukul CWE-74
critical
 9.8
9.8
2024-10-09 CVE-2024-46237 Cross-site Scripting vulnerability in PHPgurukul Hospital Management System 4.0
PHPGurukul Hospital Management System 4.0 is vulnerable to Cross Site Scripting (XSS) via the patname, pataddress, and medhis parameters in doctor/add-patient.php and doctor/edit-patient.php.
network
low complexity
phpgurukul CWE-79
5.4
5.4
2024-09-29 CVE-2024-9326 SQL Injection vulnerability in PHPgurukul Online Shopping Portal 2.0
A vulnerability classified as critical was found in PHPGurukul Online Shopping Portal 2.0.
network
low complexity
phpgurukul CWE-89
critical
 9.8
9.8
2024-09-05 CVE-2024-8463 Unrestricted Upload of File with Dangerous Type vulnerability in PHPgurukul JOB Portal 1.0
File upload restriction bypass vulnerability in PHPGurukul Job Portal 1.0, the exploitation of which could allow an authenticated user to execute an RCE via webshell.
network
low complexity
phpgurukul CWE-434
8.8
8.8
2024-09-05 CVE-2024-8464 SQL Injection vulnerability in PHPgurukul JOB Portal 1.0
SQL injection vulnerability, by which an attacker could send a specially designed query through JOBREGID parameter in /jobportal/admin/applicants/controller.php, and retrieve all the information stored in it.
network
low complexity
phpgurukul CWE-89
7.5
7.5
2024-09-05 CVE-2024-8465 SQL Injection vulnerability in PHPgurukul JOB Portal 1.0
SQL injection vulnerability, by which an attacker could send a specially designed query through user_id parameter in /jobportal/admin/user/controller.php, and retrieve all the information stored in it.
network
low complexity
phpgurukul CWE-89
7.5
7.5
2024-09-05 CVE-2024-8466 SQL Injection vulnerability in PHPgurukul JOB Portal 1.0
SQL injection vulnerability, by which an attacker could send a specially designed query through CATEGORY parameter in /jobportal/admin/category/controller.php, and retrieve all the information stored in it.
network
low complexity
phpgurukul CWE-89
7.5
7.5