Vulnerabilities > Phpgurukul > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-08 | CVE-2023-41594 | SQL Injection vulnerability in PHPgurukul Dairy Farm Shop Management System 1.1 Dairy Farm Shop Management System Using PHP and MySQL v1.1 was discovered to contain multiple SQL injection vulnerabilities in the Login function via the Username and Password parameters. | 7.5 |
| 2023-08-18 | CVE-2023-38890 | SQL Injection vulnerability in PHPgurukul Online Shopping Portal 3.1 Online Shopping Portal Project 3.1 allows remote attackers to execute arbitrary SQL commands/queries via the login form, leading to unauthorized access and potential data manipulation. | 8.8 |
| 2023-08-08 | CVE-2023-37687 | SQL Injection vulnerability in PHPgurukul Online Nurse Hiring System 1.0 Online Nurse Hiring System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability in the View Request of Nurse Page in the Admin portal. | 7.2 |
| 2023-08-01 | CVE-2023-37772 | SQL Injection vulnerability in PHPgurukul Online Shopping Portal 3.1 Online Shopping Portal Project v3.1 was discovered to contain a SQL injection vulnerability via the Email parameter at /shopping/login.php. | 8.8 |
| 2023-07-28 | CVE-2023-31932 | SQL Injection vulnerability in PHPgurukul Rail Pass Management System 1.0 Sql injection vulnerability found in Rail Pass Management System v.1.0 allows a remote attacker to execute arbitrary code via the viewid parameter of the view-enquiry.php file. | 7.2 |
| 2023-07-28 | CVE-2023-31933 | SQL Injection vulnerability in PHPgurukul Rail Pass Management System 1.0 Sql injection vulnerability found in Rail Pass Management System v.1.0 allows a remote attacker to execute arbitrary code via the editid parameter of the edit-pass-detail.php file. | 7.2 |
| 2023-07-28 | CVE-2023-31936 | SQL Injection vulnerability in PHPgurukul Rail Pass Management System 1.0 Sql injection vulnerability found in Rail Pass Management System v.1.0 allows a remote attacker to execute arbitrary code via the viewid parameter of the view-pass-detail.php file. | 7.2 |
| 2023-07-28 | CVE-2023-31937 | SQL Injection vulnerability in PHPgurukul Rail Pass Management System 1.0 Sql injection vulnerability found in Rail Pass Management System v.1.0 allows a remote attacker to execute arbitrary code via the editid parameter of the edit-cateogry-detail.php file. | 7.2 |
| 2022-10-28 | CVE-2021-35387 | SQL Injection vulnerability in PHPgurukul Hospital Management System 4.0 Hospital Management System v 4.0 is vulnerable to SQL Injection via file:hospital/hms/admin/view-patient.php. | 8.8 |
| 2022-09-26 | CVE-2022-40924 | Unrestricted Upload of File with Dangerous Type vulnerability in PHPgurukul ZOO Management System 1.0 Zoo Management System v1.0 has an arbitrary file upload vulnerability in the picture upload point of the "save_animal" file of the "Animals" module in the background management system. | 7.2 |