Vulnerabilities > Phpgurukul
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-26 | CVE-2021-33470 | SQL Injection vulnerability in PHPgurukul Covid19 Testing Management System 1.0 COVID19 Testing Management System 1.0 is vulnerable to SQL Injection via the admin panel. | 9.8 |
| 2021-04-15 | CVE-2021-27545 | SQL Injection vulnerability in PHPgurukul Beauty Parlour Management System 1.0 SQL Injection in the "add-services.php" component of PHPGurukul Beauty Parlour Management System v1.0 allows remote attackers to obtain sensitive database information by injecting SQL commands into the "sername" parameter. | 6.5 |
| 2021-04-15 | CVE-2021-27544 | Cross-site Scripting vulnerability in PHPgurukul Beauty Parlour Management System 1.0 Cross Site Scripting (XSS) in the "add-services.php" component of PHPGurukul Beauty Parlour Management System v1.0 allows remote attackers to execute arbitrary code by injecting arbitrary HTML into the "sername" parameter. | 4.8 |
| 2021-02-17 | CVE-2021-26809 | Unrestricted Upload of File with Dangerous Type vulnerability in PHPgurukul CAR Rental Portal 2.0 PHPGurukul Car Rental Project version 2.0 suffers from a remote shell upload vulnerability in changeimage1.php. | 9.8 |
| 2021-02-15 | CVE-2021-26822 | SQL Injection vulnerability in PHPgurukul Teachers Record Management System 1.0 Teachers Record Management System 1.0 is affected by a SQL injection vulnerability in 'searchteacher' POST parameter in search-teacher.php. | 9.8 |
| 2021-02-08 | CVE-2020-26052 | Cross-site Scripting vulnerability in PHPgurukul Online Marriage Registration System 1.0 Online Marriage Registration System 1.0 is affected by stored cross-site scripting (XSS) vulnerabilities in multiple parameters. | 5.4 |
| 2021-01-29 | CVE-2021-26304 | Cross-site Scripting vulnerability in PHPgurukul Daily Expense Tracker System 1.0 PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to stored XSS via the add-expense.php Item parameter. | 5.4 |
| 2021-01-29 | CVE-2021-26303 | Cross-site Scripting vulnerability in PHPgurukul Daily Expense Tracker System 1.0 PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to stored XSS via the user-profile.php Full Name field. | 6.1 |
| 2021-01-07 | CVE-2020-35745 | Missing Authorization vulnerability in PHPgurukul Hospital Management System 4.0 PHPGURUKUL Hospital Management System V 4.0 does not properly restrict access to admin/dashboard.php, which allows attackers to access all data of users, doctors, patients, change admin password, get appointment history and access all session logs. | 8.8 |
| 2020-12-21 | CVE-2020-35151 | SQL Injection vulnerability in PHPgurukul Online Marriage Registration System 1.0 The Online Marriage Registration System 1.0 post parameter "searchdata" in the user/search.php request is vulnerable to Time Based Sql Injection. | 8.8 |