Vulnerabilities > Phpgurukul > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-08 | CVE-2023-37688 | Cross-site Scripting vulnerability in PHPgurukul Maid Hiring Management System 1.0 Maid Hiring Management System v1.0 was discovered to contain a SQL injection vulnerability in the Admin page. | 4.8 |
| 2023-08-08 | CVE-2023-37689 | Cross-site Scripting vulnerability in PHPgurukul Maid Hiring Management System 1.0 Maid Hiring Management System v1.0 was discovered to contain a SQL injection vulnerability in the Booking Request page. | 4.8 |
| 2023-08-08 | CVE-2023-37690 | Cross-site Scripting vulnerability in PHPgurukul Maid Hiring Management System 1.0 Maid Hiring Management System v1.0 was discovered to contain a SQL injection vulnerability in the Search Maid page. | 4.8 |
| 2023-07-28 | CVE-2023-31934 | Cross-site Scripting vulnerability in PHPgurukul Rail Pass Management System 1.0 Cross Site Scripting vulnerability found in Rail Pass Management System v.1.0 allows a remote attacker to obtain sensitive information via the adminname parameter of admin-profile.php. | 4.8 |
| 2023-07-28 | CVE-2023-31935 | Cross-site Scripting vulnerability in PHPgurukul Rail Pass Management System 1.0 Cross Site Scripting vulnerability found in Rail Pass Management System v.1.0 allows a remote attacker to obtain sensitive information via the emial parameter of admin-profile.php. | 4.8 |
| 2023-07-27 | CVE-2023-36942 | Cross-site Scripting vulnerability in PHPgurukul Online Fire Reporting System 1.2 A cross-site scripting (XSS) vulnerability in PHPGurukul Online Fire Reporting System Using PHP and MySQL 1.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the website title field. | 6.1 |
| 2023-07-27 | CVE-2023-36941 | Cross-site Scripting vulnerability in PHPgurukul Online Fire Reporting System 1.2 A cross-site scripting (XSS) vulnerability in PHPGurukul Online Fire Reporting System Using PHP and MySQL 1.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the team name, leader, and member fields. | 6.1 |
| 2023-07-13 | CVE-2023-37746 | Cross-site Scripting vulnerability in PHPgurukul Maid Hiring Management System 1.0 A cross-site scripting (XSS) vulnerability in Maid Hiring Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title parameter of the /admin/contactus.php component. | 6.1 |
| 2023-07-13 | CVE-2023-37743 | Cross-site Scripting vulnerability in PHPgurukul Teacher Subject Allocation System 1.0 A cross-site scripting (XSS) vulnerability in Teacher Subject Allocation System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Search text box. | 6.1 |
| 2023-07-13 | CVE-2023-37744 | Cross-site Scripting vulnerability in PHPgurukul Maid Hiring Management System 1.0 Maid Hiring Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /admin/search-booking-request.php. | 6.1 |