Vulnerabilities > Phpgurukul
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-08 | CVE-2022-27992 | SQL Injection vulnerability in PHPgurukul ZOO Management System 1.0 Zoo Management System v1.0 was discovered to contain a SQL injection vulnerability at /public_html/animals via the class_id parameter. | 8.8 |
| 2022-02-18 | CVE-2021-46110 | SQL Injection vulnerability in PHPgurukul Online Shopping Portal 3.1 Online Shopping Portal v3.1 was discovered to contain multiple time-based SQL injection vulnerabilities via the email and contactno parameters. | 9.8 |
| 2022-02-15 | CVE-2022-24226 | SQL Injection vulnerability in PHPgurukul Hospital Management System 4.0 Hospital Management System v4.0 was discovered to contain a blind SQL injection vulnerability via the register function in func2.php. | 7.5 |
| 2022-02-11 | CVE-2020-36062 | Use of Hard-coded Credentials vulnerability in PHPgurukul Dairy Farm Shop Management System 1.0 Dairy Farm Shop Management System v1.0 was discovered to contain hardcoded credentials in the source code which allows attackers access to the control panel if compromised. | 9.8 |
| 2022-02-10 | CVE-2022-24646 | SQL Injection vulnerability in PHPgurukul Hospital Management System 4.0 Hospital Management System v4.0 was discovered to contain a SQL injection vulnerability in /Hospital-Management-System-master/contact.php via the txtMsg parameters. | 7.5 |
| 2022-01-31 | CVE-2022-24263 | SQL Injection vulnerability in PHPgurukul Hospital Management System 4.0 Hospital Management System v4.0 was discovered to contain a SQL injection vulnerability in /Hospital-Management-System-master/func.php via the email parameter. | 9.8 |
| 2021-12-16 | CVE-2021-44315 | Files or Directories Accessible to External Parties vulnerability in PHPgurukul BUS Pass Management System 1.0 In Bus Pass Management System v1.0, Directory Listing/Browsing is enabled on the web server which allows an attacker to view the sensitive files of the application, for example: Any file which contains sensitive information of the user or server. | 7.5 |
| 2021-12-16 | CVE-2021-44317 | Cross-site Scripting vulnerability in PHPgurukul BUS Pass Management System 1.0 In Bus Pass Management System v1.0, parameters 'pagedes' and `About Us` are affected with a Stored Cross-site scripting vulnerability. | 5.4 |
| 2021-12-13 | CVE-2021-44965 | Path Traversal vulnerability in PHPgurukul Employee Record Management System 1.2 Directory traversal vulnerability in /admin/includes/* directory for PHPGURUKUL Employee Record Management System 1.2 The attacker can retrieve and download sensitive information from the vulnerable server. | 7.5 |
| 2021-12-13 | CVE-2021-44966 | SQL Injection vulnerability in PHPgurukul Employee Record Management System 1.2 SQL injection bypass authentication vulnerability in PHPGURUKUL Employee Record Management System 1.2 via index.php. | 9.8 |