Vulnerabilities > Phpgurukul > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-04-28 | CVE-2020-12429 | SQL Injection vulnerability in PHPgurukul Online Course Registration 2.0 Online Course Registration 2.0 has multiple SQL injections that would can lead to a complete database compromise and authentication bypass in the login pages: admin/change-password.php, admin/check_availability.php, admin/index.php, change-password.php, check_availability.php, includes/header.php, index.php, and pincode-verification.php. | 9.8 |
| 2020-03-08 | CVE-2020-10225 | Unrestricted Upload of File with Dangerous Type vulnerability in PHPgurukul JOB Portal 1.0 An unauthenticated file upload vulnerability has been identified in admin/gallery.php in PHPGurukul Job Portal 1.0. | 9.8 |
| 2020-03-08 | CVE-2020-10224 | Unrestricted Upload of File with Dangerous Type vulnerability in PHPgurukul Online Book Store 1.0 An unauthenticated file upload vulnerability has been identified in admin_add.php in PHPGurukul Online Book Store 1.0. | 9.8 |
| 2020-03-05 | CVE-2020-10106 | SQL Injection vulnerability in PHPgurukul Daily Expense Tracker System 1.0 PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to SQL injection, as demonstrated by the email parameter in index.php or register.php. | 9.8 |
| 2020-01-08 | CVE-2020-5510 | SQL Injection vulnerability in PHPgurukul Hostel Management System 2.0 PHPGurukul Hostel Management System v2.0 allows SQL injection via the id parameter in the full-profile.php file. | 9.8 |
| 2020-01-07 | CVE-2020-5307 | SQL Injection vulnerability in PHPgurukul Dairy Farm Shop Management System 1.0 PHPGurukul Dairy Farm Shop Management System 1.0 is vulnerable to SQL injection, as demonstrated by the username parameter in index.php, the category and CategoryCode parameters in add-category.php, the CompanyName parameter in add-company.php, and the ProductName and ProductPrice parameters in add-product.php. | 9.8 |