Vulnerabilities > Phpgurukul
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-17 | CVE-2021-26809 | Unrestricted Upload of File with Dangerous Type vulnerability in PHPgurukul CAR Rental Portal 2.0 PHPGurukul Car Rental Project version 2.0 suffers from a remote shell upload vulnerability in changeimage1.php. | 9.8 |
| 2021-02-15 | CVE-2021-26822 | SQL Injection vulnerability in PHPgurukul Teachers Record Management System 1.0 Teachers Record Management System 1.0 is affected by a SQL injection vulnerability in 'searchteacher' POST parameter in search-teacher.php. | 9.8 |
| 2021-02-08 | CVE-2020-26052 | Cross-site Scripting vulnerability in PHPgurukul Online Marriage Registration System 1.0 Online Marriage Registration System 1.0 is affected by stored cross-site scripting (XSS) vulnerabilities in multiple parameters. | 5.4 |
| 2021-01-29 | CVE-2021-26304 | Cross-site Scripting vulnerability in PHPgurukul Daily Expense Tracker System 1.0 PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to stored XSS via the add-expense.php Item parameter. | 5.4 |
| 2021-01-29 | CVE-2021-26303 | Cross-site Scripting vulnerability in PHPgurukul Daily Expense Tracker System 1.0 PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to stored XSS via the user-profile.php Full Name field. | 6.1 |
| 2021-01-07 | CVE-2020-35745 | Missing Authorization vulnerability in PHPgurukul Hospital Management System 4.0 PHPGURUKUL Hospital Management System V 4.0 does not properly restrict access to admin/dashboard.php, which allows attackers to access all data of users, doctors, patients, change admin password, get appointment history and access all session logs. | 8.8 |
| 2020-12-21 | CVE-2020-35151 | SQL Injection vulnerability in PHPgurukul Online Marriage Registration System 1.0 The Online Marriage Registration System 1.0 post parameter "searchdata" in the user/search.php request is vulnerable to Time Based Sql Injection. | 8.8 |
| 2020-11-18 | CVE-2020-24723 | Cross-site Scripting vulnerability in PHPgurukul User Registration & Login and User Management System 2.1 Cross Site Scripting (XSS) vulnerability in the Registration page of the admin panel in PHPGurukul User Registration & Login and User Management System With admin panel 2.1. | 4.8 |
| 2020-11-17 | CVE-2020-28136 | Unrestricted Upload of File with Dangerous Type vulnerability in PHPgurukul Tourism Management System 1.0 An Arbitrary File Upload is discovered in SourceCodester Tourism Management System 1.0 allows the user to conduct remote code execution via admin/create-package.php vulnerable page. | 8.8 |
| 2020-11-16 | CVE-2020-25952 | SQL Injection vulnerability in PHPgurukul User Registration & Login and User Management System 2.1 SQL injection vulnerability in PHPGurukul User Registration & Login and User Management System With admin panel 2.1 allows remote attackers to execute arbitrary SQL commands and bypass authentication. | 9.8 |