Vulnerabilities > Phpgurukul

DATE CVE VULNERABILITY TITLE RISK
2020-03-08 CVE-2020-10225 Unrestricted Upload of File with Dangerous Type vulnerability in PHPgurukul JOB Portal 1.0
An unauthenticated file upload vulnerability has been identified in admin/gallery.php in PHPGurukul Job Portal 1.0.
network
low complexity
phpgurukul CWE-434
critical
9.8
2020-03-08 CVE-2020-10224 Unrestricted Upload of File with Dangerous Type vulnerability in PHPgurukul Online Book Store 1.0
An unauthenticated file upload vulnerability has been identified in admin_add.php in PHPGurukul Online Book Store 1.0.
network
low complexity
phpgurukul CWE-434
critical
9.8
2020-03-05 CVE-2020-10107 Cross-site Scripting vulnerability in PHPgurukul Daily Expense Tracker System 1.0
PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to stored XSS, as demonstrated by the ExpenseItem or ExpenseCost parameter in manage-expense.php.
network
low complexity
phpgurukul CWE-79
5.4
2020-03-05 CVE-2020-10106 SQL Injection vulnerability in PHPgurukul Daily Expense Tracker System 1.0
PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to SQL injection, as demonstrated by the email parameter in index.php or register.php.
network
low complexity
phpgurukul CWE-89
critical
9.8
2020-01-14 CVE-2020-5509 Unrestricted Upload of File with Dangerous Type vulnerability in PHPgurukul CAR Rental Portal 1.0
PHPGurukul Car Rental Project v1.0 allows Remote Code Execution via an executable file in an upload of a new profile image.
network
low complexity
phpgurukul CWE-434
7.2
2020-01-14 CVE-2020-5193 Cross-site Scripting vulnerability in PHPgurukul Hospital Management System 4.0
PHPGurukul Hospital Management System in PHP v4.0 suffers from multiple reflected XSS vulnerabilities via the searchdata or Doctorspecialization parameter.
network
low complexity
phpgurukul CWE-79
6.1
2020-01-09 CVE-2020-5308 Cross-site Scripting vulnerability in PHPgurukul Dairy Farm Shop Management System 1.0
PHPGurukul Dairy Farm Shop Management System 1.0 is vulnerable to XSS, as demonstrated by the category and CategoryCode parameters in add-category.php, the CompanyName parameter in add-company.php, and the ProductName parameter in add-product.php.
network
low complexity
phpgurukul CWE-79
6.1
2020-01-08 CVE-2020-5510 SQL Injection vulnerability in PHPgurukul Hostel Management System 2.0
PHPGurukul Hostel Management System v2.0 allows SQL injection via the id parameter in the full-profile.php file.
network
low complexity
phpgurukul CWE-89
critical
9.8
2020-01-07 CVE-2020-5307 SQL Injection vulnerability in PHPgurukul Dairy Farm Shop Management System 1.0
PHPGurukul Dairy Farm Shop Management System 1.0 is vulnerable to SQL injection, as demonstrated by the username parameter in index.php, the category and CategoryCode parameters in add-category.php, the CompanyName parameter in add-company.php, and the ProductName and ProductPrice parameters in add-product.php.
network
low complexity
phpgurukul CWE-89
critical
9.8
2020-01-06 CVE-2020-5192 SQL Injection vulnerability in PHPgurukul Hospital Management System 4.0
PHPGurukul Hospital Management System in PHP v4.0 suffers from multiple SQL injection vulnerabilities: multiple pages and parameters are not validating user input, and allow for the application's database and information to be fully compromised.
network
low complexity
phpgurukul CWE-89
8.8