Vulnerabilities > Phpgurukul > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-28 | CVE-2023-31936 | SQL Injection vulnerability in PHPgurukul Rail Pass Management System 1.0 Sql injection vulnerability found in Rail Pass Management System v.1.0 allows a remote attacker to execute arbitrary code via the viewid parameter of the view-pass-detail.php file. | 7.2 |
| 2023-07-28 | CVE-2023-31937 | SQL Injection vulnerability in PHPgurukul Rail Pass Management System 1.0 Sql injection vulnerability found in Rail Pass Management System v.1.0 allows a remote attacker to execute arbitrary code via the editid parameter of the edit-cateogry-detail.php file. | 7.2 |
| 2022-10-28 | CVE-2021-35387 | SQL Injection vulnerability in PHPgurukul Hospital Management System 4.0 Hospital Management System v 4.0 is vulnerable to SQL Injection via file:hospital/hms/admin/view-patient.php. | 8.8 |
| 2022-09-26 | CVE-2022-40924 | Unrestricted Upload of File with Dangerous Type vulnerability in PHPgurukul ZOO Management System 1.0 Zoo Management System v1.0 has an arbitrary file upload vulnerability in the picture upload point of the "save_animal" file of the "Animals" module in the background management system. | 7.2 |
| 2022-09-26 | CVE-2022-40925 | Unrestricted Upload of File with Dangerous Type vulnerability in PHPgurukul ZOO Management System 1.0 Zoo Management System v1.0 has an arbitrary file upload vulnerability in the picture upload point of the "save_event" file of the "Events" module in the background management system. | 7.2 |
| 2022-09-22 | CVE-2022-40932 | Unrestricted Upload of File with Dangerous Type vulnerability in PHPgurukul ZOO Management System 1.0 In Zoo Management System v1.0, there is an arbitrary file upload vulnerability in the picture upload point of the "gallery" file of the "Gallery" module in the background management system. | 7.2 |
| 2022-05-20 | CVE-2022-28992 | Cross-Site Request Forgery (CSRF) vulnerability in PHPgurukul Online Banquet Booking System 1.0 A Cross-Site Request Forgery (CSRF) in Online Banquet Booking System v1.0 allows attackers to change admin credentials via a crafted POST request. | 8.8 |
| 2022-04-08 | CVE-2022-27992 | SQL Injection vulnerability in PHPgurukul ZOO Management System 1.0 Zoo Management System v1.0 was discovered to contain a SQL injection vulnerability at /public_html/animals via the class_id parameter. | 8.8 |
| 2022-02-15 | CVE-2022-24226 | SQL Injection vulnerability in PHPgurukul Hospital Management System 4.0 Hospital Management System v4.0 was discovered to contain a blind SQL injection vulnerability via the register function in func2.php. | 7.5 |
| 2022-02-10 | CVE-2022-24646 | SQL Injection vulnerability in PHPgurukul Hospital Management System 4.0 Hospital Management System v4.0 was discovered to contain a SQL injection vulnerability in /Hospital-Management-System-master/contact.php via the txtMsg parameters. | 7.5 |