Vulnerabilities > Phpgurukul
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-31 | CVE-2023-37771 | SQL Injection vulnerability in PHPgurukul ART Gallery Management System 1.0 Art Gallery Management System v1.0 contains a SQL injection vulnerability via the cid parameter at /agms/product.php. | 9.8 |
| 2023-07-28 | CVE-2023-31932 | SQL Injection vulnerability in PHPgurukul Rail Pass Management System 1.0 Sql injection vulnerability found in Rail Pass Management System v.1.0 allows a remote attacker to execute arbitrary code via the viewid parameter of the view-enquiry.php file. | 7.2 |
| 2023-07-28 | CVE-2023-31933 | SQL Injection vulnerability in PHPgurukul Rail Pass Management System 1.0 Sql injection vulnerability found in Rail Pass Management System v.1.0 allows a remote attacker to execute arbitrary code via the editid parameter of the edit-pass-detail.php file. | 7.2 |
| 2023-07-28 | CVE-2023-31934 | Cross-site Scripting vulnerability in PHPgurukul Rail Pass Management System 1.0 Cross Site Scripting vulnerability found in Rail Pass Management System v.1.0 allows a remote attacker to obtain sensitive information via the adminname parameter of admin-profile.php. | 4.8 |
| 2023-07-28 | CVE-2023-31935 | Cross-site Scripting vulnerability in PHPgurukul Rail Pass Management System 1.0 Cross Site Scripting vulnerability found in Rail Pass Management System v.1.0 allows a remote attacker to obtain sensitive information via the emial parameter of admin-profile.php. | 4.8 |
| 2023-07-28 | CVE-2023-31936 | SQL Injection vulnerability in PHPgurukul Rail Pass Management System 1.0 Sql injection vulnerability found in Rail Pass Management System v.1.0 allows a remote attacker to execute arbitrary code via the viewid parameter of the view-pass-detail.php file. | 7.2 |
| 2023-07-28 | CVE-2023-31937 | SQL Injection vulnerability in PHPgurukul Rail Pass Management System 1.0 Sql injection vulnerability found in Rail Pass Management System v.1.0 allows a remote attacker to execute arbitrary code via the editid parameter of the edit-cateogry-detail.php file. | 7.2 |
| 2023-07-27 | CVE-2023-36942 | Cross-site Scripting vulnerability in PHPgurukul Online Fire Reporting System 1.2 A cross-site scripting (XSS) vulnerability in PHPGurukul Online Fire Reporting System Using PHP and MySQL 1.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the website title field. | 6.1 |
| 2023-07-27 | CVE-2023-36941 | Cross-site Scripting vulnerability in PHPgurukul Online Fire Reporting System 1.2 A cross-site scripting (XSS) vulnerability in PHPGurukul Online Fire Reporting System Using PHP and MySQL 1.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the team name, leader, and member fields. | 6.1 |
| 2023-07-13 | CVE-2023-37746 | Cross-site Scripting vulnerability in PHPgurukul Maid Hiring Management System 1.0 A cross-site scripting (XSS) vulnerability in Maid Hiring Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title parameter of the /admin/contactus.php component. | 6.1 |