CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

12 matches found

EUVD•added 2025/11/14 12:0 a.m.•1 views

EUVD-2024-55078

Multiple parameters in register.php in PHPGurukul Student Record System 3.20 are vulnerable to SQL injection. These include: c-full, fname, mname,lname, gname, ocp, nation, mobno, email, board1, roll1, pyear1, board2, roll2, pyear2, sub1,marks1, sub2, course-short, income, category, ph, country,...

6.5CVSS7.1AI score0.00037EPSS

Exploits1References3

CNNVD•added 2025/11/10 12:0 a.m.•3 views

QDOCS Smart School 跨站脚本漏洞

QDOCS Smart School is a smart school management system from QDOCS, Inc. A cross-site scripting vulnerability exists in QDOCS Smart School version 7.0, which stems from insufficient input validation of the parameters firstname, lastname, and guardianname in the file/onlineadmission, and could lead...

5.4CVSS5.9AI score0.00035EPSS

Exploits0References1

NVD•added 2023/07/10 5:15 p.m.•9 views

CVE-2023-36375

Cross Site Scripting vulnerability in Hostel Management System v2.1 allows an attacker to execute arbitrary code via a crafted payload to the Guardian name, Guardian relation, complimentary address, city, permanent address, and city parameters in the Book Hostel & Room Details page...

5.4CVSS5.7AI score0.00227EPSS

Exploits1References4

Positive Technologies•added 2023/07/10 12:0 a.m.•3 views

PT-2023-25560

Name of the Vulnerable Software and Affected Versions Hostel Management System version 2.1 Description The issue allows an attacker to execute arbitrary code through a crafted payload to parameters such as Guardian name, Guardian relation, complimentary address, city, permanent address, and city ...

5.4CVSS6.2AI score0.00227EPSS

Exploits1References6

OSV•added 2021/11/05 4:15 p.m.•0 views

CVE-2021-39416

Multiple Cross Site Scripting XSS vulnerabilities exists in Remote Clinic v2.0 in 1 patients/register-patient.php via the a Contact, b Email, c Weight, d Profession, e refcontact, f address, g gender, h age, and i serial parameters; in 2 patients/edit-patient.php via the a Contact, b Email, c...

6.1CVSS5.8AI score

Exploits0References3

OSV•added 2021/01/26 6:15 p.m.•2 views

CVE-2020-36011

A cross-site scripting XSS issue in Add Patient Form in QDOCS Smart Hospital Management System 3.1 allows a remote attacker to inject arbitrary code via the Name, Guardian Name, Email, Address, Remarks, or Any Known Allergies field...

4.8CVSS6AI score0.00157EPSS

Exploits1References2

Prion•added 2021/01/26 6:15 p.m.•13 views

Cross site scripting

3.5CVSS5.1AI score0.00157EPSS

Exploits1References2Affected Software1

Cvelist•added 2021/01/26 6:53 a.m.•16 views

CVE-2020-36011

5.1AI score0.00157EPSS

Exploits1References2

Packet Storm•added 2020/10/20 12:0 a.m.•711 views

Hostel Management System 2.1 Cross Site Scripting

Exploit Title: PHPGurukul hostel-management-system 2.1 allows XSS via Guardian Name, Guardian Relation, Guardian Contact no, Address, City Google Dork: N/A Date: 2020-10-08 Exploit Author: Kokn3t Vendor Homepage: https://phpgurukul.com Software Link: https://phpgurukul.com/hostel-management-syste...

3.5CVSS5.6AI score0.00328EPSS

Exploits3

OSV•added 2020/10/08 1:15 p.m.•2 views

CVE-2020-25270

PHPGurukul hostel-management-system 2.1 allows XSS via Guardian Name, Guardian Relation, Guardian Contact no, Address, or City...

5.4CVSS6.1AI score0.00328EPSS

Exploits3References3

NVD•added 2020/10/08 1:15 p.m.•11 views

CVE-2020-25270

PHPGurukul hostel-management-system 2.1 allows XSS via Guardian Name, Guardian Relation, Guardian Contact no, Address, or City...

5.4CVSS0.00328EPSS

Exploits3References3