Vulnerabilities > Phpgurukul
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-10-08 | CVE-2020-25271 | Cross-site Scripting vulnerability in PHPgurukul Hospital Management System 4.0 PHPGurukul hospital-management-system-in-php 4.0 allows XSS via admin/patient-search.php, doctor/search.php, book-appointment.php, doctor/appointment-history.php, or admin/appointment-history.php. | 5.4 |
| 2020-10-08 | CVE-2020-25270 | Cross-site Scripting vulnerability in PHPgurukul Hostel Management System 2.1 PHPGurukul hostel-management-system 2.1 allows XSS via Guardian Name, Guardian Relation, Guardian Contact no, Address, or City. | 5.4 |
| 2020-09-22 | CVE-2020-25487 | SQL Injection vulnerability in PHPgurukul ZOO Management System 1.0 PHPGURUKUL Zoo Management System Using PHP and MySQL version 1.0 is affected by: SQL Injection via zms/animal-detail.php. | 7.8 |
| 2020-08-20 | CVE-2020-23936 | SQL Injection vulnerability in PHPgurukul Vehicle Parking Management System 1.0 PHPGurukul Vehicle Parking Management System 1.0 is vulnerable to Authentication Bypass via "Username: admin'# && Password: (Write Something)". | 9.8 |
| 2020-04-28 | CVE-2020-12429 | SQL Injection vulnerability in PHPgurukul Online Course Registration 2.0 Online Course Registration 2.0 has multiple SQL injections that would can lead to a complete database compromise and authentication bypass in the login pages: admin/change-password.php, admin/check_availability.php, admin/index.php, change-password.php, check_availability.php, includes/header.php, index.php, and pincode-verification.php. | 9.8 |
| 2020-03-08 | CVE-2020-10225 | Unrestricted Upload of File with Dangerous Type vulnerability in PHPgurukul JOB Portal 1.0 An unauthenticated file upload vulnerability has been identified in admin/gallery.php in PHPGurukul Job Portal 1.0. | 9.8 |
| 2020-03-08 | CVE-2020-10224 | Unrestricted Upload of File with Dangerous Type vulnerability in PHPgurukul Online Book Store 1.0 An unauthenticated file upload vulnerability has been identified in admin_add.php in PHPGurukul Online Book Store 1.0. | 9.8 |
| 2020-03-05 | CVE-2020-10107 | Cross-site Scripting vulnerability in PHPgurukul Daily Expense Tracker System 1.0 PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to stored XSS, as demonstrated by the ExpenseItem or ExpenseCost parameter in manage-expense.php. | 5.4 |
| 2020-03-05 | CVE-2020-10106 | SQL Injection vulnerability in PHPgurukul Daily Expense Tracker System 1.0 PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to SQL injection, as demonstrated by the email parameter in index.php or register.php. | 9.8 |
| 2020-01-14 | CVE-2020-5509 | Unrestricted Upload of File with Dangerous Type vulnerability in PHPgurukul CAR Rental Portal 1.0 PHPGurukul Car Rental Project v1.0 allows Remote Code Execution via an executable file in an upload of a new profile image. | 7.2 |