Vulnerabilities > Phpgurukul > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-13 | CVE-2023-37745 | Cross-site Scripting vulnerability in PHPgurukul Maid Hiring Management System 1.0 A cross-site scripting (XSS) vulnerability in Maid Hiring Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Page Description of the /admin/aboutus.php component. | 6.1 |
| 2023-07-10 | CVE-2023-36936 | Cross-site Scripting vulnerability in PHPgurukul Online Security Guards Hiring System 1.0 Cross-Site Scripting (XSS) vulnerability in PHPGurukul Online Security Guards Hiring System using PHP and MySQL 1.0 allows attackers to execute arbitrary code via a crafted payload to the search booking box. | 6.1 |
| 2023-07-10 | CVE-2023-36939 | Cross-site Scripting vulnerability in PHPgurukul Hostel Management System 2.1 Cross-Site Scripting (XSS) vulnerability in Hostel Management System v2.1 allows an attacker to execute arbitrary code via a crafted payload to the search booking field. | 6.1 |
| 2023-07-10 | CVE-2023-36940 | Cross-site Scripting vulnerability in PHPgurukul Online Fire Reporting System 1.2 Cross Site Scripting (XSS) vulnerability in PHPGurukul Online Fire Reporting System Using PHP and MySQL v.1.2 allows attackers to execute arbitrary code via a crafted payload injected into the search field. | 4.8 |
| 2023-07-10 | CVE-2023-36375 | Cross-site Scripting vulnerability in PHPgurukul Hostel Management System 2.1 Cross Site Scripting vulnerability in Hostel Management System v2.1 allows an attacker to execute arbitrary code via a crafted payload to the Guardian name, Guardian relation, complimentary address, city, permanent address, and city parameters in the Book Hostel & Room Details page. | 5.4 |
| 2023-07-10 | CVE-2023-36376 | Cross-site Scripting vulnerability in PHPgurukul Hostel Management System 2.1 Cross-Site Scripting (XSS) vulnerability in Hostel Management System v.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the add course section. | 4.8 |
| 2023-06-28 | CVE-2023-34647 | Cross-site Scripting vulnerability in PHPgurukul Hostel Management System 1.0 PHPgurukl Hostel Management System v.1.0 is vulnerable to Cross Site Scripting (XSS). | 6.1 |
| 2023-06-28 | CVE-2023-34652 | Cross-site Scripting vulnerability in PHPgurukul Hostel Management System 1.0 PHPgurukl Hostel Management System v.1.0 is vulnerable to Cross Site Scripting (XSS) via Add New Course. | 6.1 |
| 2023-06-26 | CVE-2023-33580 | Cross-site Scripting vulnerability in PHPgurukul Student Study Center Management System 1.0 Phpgurukul Student Study Center Management System V1.0 is vulnerable to Cross Site Scripting (XSS) in the "Admin Name" field on Admin Profile page. | 4.8 |
| 2023-06-15 | CVE-2023-34666 | Cross-site Scripting vulnerability in PHPgurukul Cyber Cafe Management System 1.0 Cross-site scripting (XSS) vulnerability in Phpgurukul Cyber Cafe Management System 1.0 allows remote attackers to inject arbitrary web script or HTML via the admin username parameter. | 6.1 |