Vulnerabilities > Phpgurukul
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-05 | CVE-2024-8465 | SQL Injection vulnerability in PHPgurukul JOB Portal 1.0 SQL injection vulnerability, by which an attacker could send a specially designed query through user_id parameter in /jobportal/admin/user/controller.php, and retrieve all the information stored in it. | 7.5 |
| 2024-09-05 | CVE-2024-8466 | SQL Injection vulnerability in PHPgurukul JOB Portal 1.0 SQL injection vulnerability, by which an attacker could send a specially designed query through CATEGORY parameter in /jobportal/admin/category/controller.php, and retrieve all the information stored in it. | 7.5 |
| 2024-09-05 | CVE-2024-8467 | SQL Injection vulnerability in PHPgurukul JOB Portal 1.0 SQL injection vulnerability, by which an attacker could send a specially designed query through id parameter in /jobportal/admin/category/index.php, and retrieve all the information stored in it. | 7.5 |
| 2024-09-05 | CVE-2024-8468 | SQL Injection vulnerability in PHPgurukul JOB Portal 1.0 SQL injection vulnerability, by which an attacker could send a specially designed query through search parameter in /jobportal/index.php, and retrieve all the information stored in it. | 7.5 |
| 2024-09-05 | CVE-2024-8469 | SQL Injection vulnerability in PHPgurukul JOB Portal 1.0 SQL injection vulnerability, by which an attacker could send a specially designed query through id parameter in /jobportal/admin/employee/index.php, and retrieve all the information stored in it. | 7.5 |
| 2024-09-05 | CVE-2024-8470 | SQL Injection vulnerability in PHPgurukul JOB Portal 1.0 SQL injection vulnerability, by which an attacker could send a specially designed query through CATEGORY parameter in /jobportal/admin/vacancy/controller.php, and retrieve all the information stored in it. | 7.5 |
| 2024-09-05 | CVE-2024-8471 | Cross-site Scripting vulnerability in PHPgurukul JOB Portal 1.0 Cross-Site Scripting (XSS) vulnerability, whereby user-controlled input is not sufficiently encrypted. | 6.1 |
| 2024-09-05 | CVE-2024-8472 | Cross-site Scripting vulnerability in PHPgurukul JOB Portal 1.0 Cross-Site Scripting (XSS) vulnerability, whereby user-controlled input is not sufficiently encrypted. | 6.1 |
| 2024-09-05 | CVE-2024-8473 | Cross-site Scripting vulnerability in PHPgurukul JOB Portal 1.0 Cross-Site Scripting (XSS) vulnerability, whereby user-controlled input is not sufficiently encrypted. | 6.1 |
| 2024-08-12 | CVE-2024-40481 | Cross-site Scripting vulnerability in PHPgurukul OLD AGE Home Management System 1.0 A Stored Cross Site Scripting (XSS) vulnerability was found in "/admin/view-enquiry.php" in PHPGurukul Old Age Home Management System v1.0, which allows remote attackers to execute arbitrary code via the Contact Us page "message" parameter. | 5.4 |