11 matches found
CVE-2024-30990
SQL Injection vulnerability in the "Invoices" page in phpgurukul Client Management System using PHP & MySQL 1.1 allows attacker to execute arbitrary SQL commands via "searchdata" parameter...
CVE-2024-30987
Cross Site Scripting vulnerability in /bwdates-reports-ds.php of phpgurukul Client Management System using PHP & MySQL 1.1 allows attackers to execute arbitrary code and obtain sensitive information via the fromdate and todate parameters...
CVE-2024-30985
SQL Injection vulnerability in "B/W Dates Reports" page in phpgurukul Client Management System using PHP & MySQL 1.1 allows attacker to execute arbitrary SQL commands via "todate" and "fromdate" parameters...
CVE-2024-30989
Cross Site Scripting vulnerability in /edit-client-details.php of phpgurukul Client Management System using PHP & MySQL 1.1 allows attackers to execute arbitrary code via the "cname", "comname", "state" and "city" parameter...
CVE-2024-30985
SQL Injection vulnerability in "B/W Dates Reports" page in phpgurukul Client Management System using PHP & MySQL 1.1 allows attacker to execute arbitrary SQL commands via "todate" and "fromdate" parameters...
CVE-2024-30986
Cross Site Scripting vulnerability in /edit-services-details.php of phpgurukul Client Management System using PHP & MySQL 1.1 allows attackers to execute arbitrary code and via "price" and "sname" parameter...
CVE-2024-30988
Cross Site Scripting vulnerability in /search-invoices.php of phpgurukul Client Management System using PHP & MySQL 1.1 allows attackers to execute arbitrary code and obtain sensitive information via the Search bar...
PT-2024-23710 · Unknown · Phpgurukul Complaint Management System
Name of the Vulnerable Software and Affected Versions: phpgurukul Client Management System using PHP & MySQL version 1.1 Description: The issue allows attackers to execute arbitrary code via the cname, comname, state, and city parameters in the "/edit-client-details.php" endpoint. This enables...
PT-2024-23708 · Unknown · Phpgurukul Complaint Management System
Name of the Vulnerable Software and Affected Versions: phpgurukul Client Management System version 1.1 Description: The issue allows attackers to execute arbitrary code and obtain sensitive information. This is achieved via the fromdate and todate parameters in the "/bwdates-reports-ds.php" API...
PT-2024-23712 · Unknown · Phpgurukul Complaint Management System
Name of the Vulnerable Software and Affected Versions: phpgurukul Client Management System version 1.1 Description: The issue allows an attacker to execute arbitrary SQL commands via the searchdata parameter in the "Invoices" page. This enables the attacker to manipulate the database, potentially...
PT-2024-23709 · Unknown · Phpgurukul Complaint Management System
Name of the Vulnerable Software and Affected Versions: phpgurukul Client Management System version 1.1 Description: The issue allows attackers to execute arbitrary code and obtain sensitive information via the "Search bar" in the /search-invoices.php endpoint. This is a Cross Site Scripting...