48 matches found
EUVD-2024-54630
Malicious code in bioql PyPI...
EUVD-2025-17015
Malicious code in bioql PyPI...
EUVD-2025-17017
Malicious code in bioql PyPI...
Medical Card Generation System Manage Card Function Cross-Site Request Forgery Vulnerability
Medical Card Generation System is a medical card generation system. The Medical Card Generation System suffers from a cross-site request forgery vulnerability that stems from the lack of CSRF protection in the Manage Card feature, which can be exploited by an attacker to send a simple GET request...
Medical Card Generation System Cross-Site Scripting Vulnerability
Medical Card Generation System is a medical card generation system. A cross-site scripting vulnerability exists in Medical Card Generation System, which stems from improper cleanup of the contact page name field and can be exploited by an attacker to inject malicious JavaScript...
CVE-2025-50369
A Cross-Site Request Forgery CSRF vulnerability exists in the Manage Card functionality /mcgs/admin/manage-card.php of PHPGurukul Medical Card Generation System 1.0. The vulnerable endpoint allows an authorized admin to delete medical card records by sending a simple GET request without verifying...
CVE-2025-50367
A stored blind XSS vulnerability exists in the Contact Page of the Phpgurukul Medical Card Generation System 1.0 mcgs/contact.php. The name field fails to properly sanitize user input, allowing an attacker to inject malicious JavaScript...
CVE-2025-50370
A Cross-Site Request Forgery CSRF vulnerability exists in the Inquiry Management functionality /mcgs/admin/readenq.php of the Phpgurukul Medical Card Generation System 1.0. The vulnerable endpoint allows an authenticated admin to delete inquiry records via a simple GET request, without requiring ...
CVE-2025-50370
A Cross-Site Request Forgery CSRF vulnerability exists in the Inquiry Management functionality /mcgs/admin/readenq.php of the Phpgurukul Medical Card Generation System 1.0. The vulnerable endpoint allows an authenticated admin to delete inquiry records via a simple GET request, without requiring ...
CVE-2025-50367
A stored blind XSS vulnerability exists in the Contact Page of the Phpgurukul Medical Card Generation System 1.0 mcgs/contact.php. The name field fails to properly sanitize user input, allowing an attacker to inject malicious JavaScript...
PHPGurukul Medical Card Generation System 安全漏洞
Medical Card Generation System is a medical card generation system. The Medical Card Generation System suffers from a cross-site request forgery vulnerability that stems from the lack of CSRF protection in the Manage Card feature, which can be exploited by an attacker to send a simple GET request...
PHPGurukul Medical Card Generation System 安全漏洞
Medical Card Generation System is a medical card generation system. A cross-site scripting vulnerability exists in Medical Card Generation System, which stems from improper cleanup of the contact page name field and can be exploited by an attacker to inject malicious JavaScript...
Medical Card Generation System /admin/readenq.php File SQL Injection Vulnerability
Medical Card Generation System is a medical card generation system. The Medical Card Generation System suffers from a SQL injection vulnerability that originates from a lack of validation of externally entered SQL statements in the parameter ID of the /admin/readenq.php file. An attacker can...
Medical Card Generation System HTML Injection Vulnerability
Medical Card Generation System is a medical card generation system. The Medical Card Generation System suffers from an HTML injection vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the pagedes parameter of admin/contactus.php, which can be...
CVE-2025-5668
A vulnerability classified as critical has been found in PHPGurukul Medical Card Generation System 1.0. This affects an unknown part of the file /admin/readenq.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...
PHPGurukul Medical Card Generation System 安全漏洞
Medical Card Generation System is a medical card generation system. The Medical Card Generation System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter ID of the /admin/manage-card.php file. An attacker ca...
CVE-2024-51099
A reflected cross-site scripting XSS vulnerability in the component mcgs/download-medical-cards.php of PHPGURUKUL Medical Card Generation System using PHP and MySQL v1.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload into the searchda...
CVE-2024-51099
A reflected cross-site scripting XSS vulnerability in the component mcgs/download-medical-cards.php of PHPGURUKUL Medical Card Generation System using PHP and MySQL v1.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload into the searchda...
CVE-2024-48704
Phpgurukul Medical Card Generation System v1.0 is vulnerable to HTML Injection in admin/contactus.php via the parameter pagedes...
CVE-2024-51108
Multiple stored cross-site scripting XSS vulnerabilities in the component /admin/card-bwdates-report.php of PHPGURUKUL Medical Card Generation System using PHP and MySQL v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the fromdate and todate...