Vulnerabilities > Phpgurukul
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-12 | CVE-2024-40484 | Cross-site Scripting vulnerability in PHPgurukul OLD AGE Home Management System 1.0 A Reflected Cross Site Scripting (XSS) vulnerability was found in "/oahms/search.php" in PHPGurukul Old Age Home Management System v1.0, which allows remote attackers to execute arbitrary code via the "searchdata" parameter. | 6.1 |
| 2024-08-06 | CVE-2024-41333 | Cross-site Scripting vulnerability in PHPgurukul Tourism Management System 2.0 A reflected cross-site scripting (XSS) vulnerability in Phpgurukul Tourism Management System v2.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload into the uname parameter. | 6.1 |
| 2024-01-18 | CVE-2024-0651 | SQL Injection vulnerability in PHPgurukul Company Visitor Management System 1.0 A vulnerability was found in PHPGurukul Company Visitor Management System 1.0. | 7.2 |
| 2024-01-18 | CVE-2024-0652 | Cross-site Scripting vulnerability in PHPgurukul Company Visitor Management System 1.0 A vulnerability was found in PHPGurukul Company Visitor Management System 1.0. | 4.8 |
| 2024-01-13 | CVE-2024-0476 | Cross-site Scripting vulnerability in PHPgurukul Blood Bank & Donor Management System 1.0 A vulnerability, which was classified as problematic, was found in Blood Bank & Donor Management 1.0. | 4.8 |
| 2024-01-12 | CVE-2023-51978 | SQL Injection vulnerability in PHPgurukul ART Gallery Management System 1.1 In PHPGurukul Art Gallery Management System v1.1, "Update Artist Image" functionality of "imageid" parameter is vulnerable to SQL Injection. | 6.5 |
| 2024-01-12 | CVE-2024-0459 | SQL Injection vulnerability in PHPgurukul Blood Bank & Donor Management System A vulnerability has been found in Blood Bank & Donor Management 5.6 and classified as critical. | 7.2 |
| 2024-01-10 | CVE-2020-26627 | SQL Injection vulnerability in PHPgurukul Hospital Management System 4.0 A Time-Based SQL Injection vulnerability was discovered in Hospital Management System V4.0 which can allow an attacker to dump database information via a crafted payload entered into the 'Admin Remark' parameter under the 'Contact Us Queries -> Unread Query' tab. | 4.9 |
| 2024-01-10 | CVE-2020-26628 | Cross-site Scripting vulnerability in PHPgurukul Hospital Management System 4.0 A Cross-Site Scripting (XSS) vulnerability was discovered in Hospital Management System V4.0 which allows an attacker to execute arbitrary web scripts or HTML code via a malicious payload appended to a username on the 'Edit Profile" page and triggered by another user visiting the profile. | 6.1 |
| 2024-01-10 | CVE-2020-26629 | Unrestricted Upload of File with Dangerous Type vulnerability in PHPgurukul Hospital Management System 4.0 A JQuery Unrestricted Arbitrary File Upload vulnerability was discovered in Hospital Management System V4.0 which allows an unauthenticated attacker to upload any file to the server. | 9.8 |