Vulnerabilities > Phpgurukul > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-01 | CVE-2021-43137 | Cross-site Scripting vulnerability in PHPgurukul Hostel Management System 2.1 Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF) vulnerability exits in hostel management system 2.1 via the name field in my-profile.php. | 8.8 |
| 2021-10-27 | CVE-2021-37807 | SQL Injection vulnerability in PHPgurukul Online Shopping Portal 3.1 An SQL Injection vulneraility exists in https://phpgurukul.com Online Shopping Portal 3.1 via the email parameter on the /check_availability.php endpoint that serves as a checker whether a new user's email is already exist within the database. | 7.5 |
| 2021-07-22 | CVE-2021-26762 | SQL Injection vulnerability in PHPgurukul Student Record System 4.0 SQL injection vulnerability in PHPGurukul Student Record System 4.0 allows remote attackers to execute arbitrary SQL statements, via the cid parameter to edit-course.php. | 8.8 |
| 2021-07-22 | CVE-2021-26764 | SQL Injection vulnerability in PHPgurukul Student Record System 4.0 SQL injection vulnerability in PHPGurukul Student Record System v 4.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to edit-std.php. | 8.8 |
| 2021-07-01 | CVE-2021-28423 | SQL Injection vulnerability in PHPgurukul Teachers Record Management System 1.0 Multiple SQL Injection vulnerabilities in Teachers Record Management System 1.0 allow remote authenticated users to execute arbitrary SQL commands via the 'editid' GET parameter in edit-subjects-detail.php, edit-teacher-detail.php, or the 'searchdata' POST parameter in search.php. | 8.8 |
| 2021-06-22 | CVE-2020-22164 | SQL Injection vulnerability in PHPgurukul Hospital Management System 4.0 PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\check_availability.php. | 7.5 |
| 2021-06-22 | CVE-2020-22165 | SQL Injection vulnerability in PHPgurukul Hospital Management System 4.0 PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\user-login.php. | 7.5 |
| 2021-06-22 | CVE-2020-22166 | SQL Injection vulnerability in PHPgurukul Hospital Management System 4.0 PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\forgot-password.php. | 7.5 |
| 2021-06-22 | CVE-2020-22168 | SQL Injection vulnerability in PHPgurukul Hospital Management System 4.0 PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\change-emaild.php. | 7.5 |
| 2021-06-22 | CVE-2020-22169 | SQL Injection vulnerability in PHPgurukul Hospital Management System 4.0 PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\appointment-history.php. | 7.5 |