Lucene search
K

11 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 10:17 a.m.7 views

CVE-2024-30990

SQL Injection vulnerability in the "Invoices" page in phpgurukul Client Management System using PHP & MySQL 1.1 allows attacker to execute arbitrary SQL commands via "searchdata" parameter...

9.8CVSS8.8AI score0.00628EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 10:17 a.m.5 views

CVE-2024-30987

Cross Site Scripting vulnerability in /bwdates-reports-ds.php of phpgurukul Client Management System using PHP & MySQL 1.1 allows attackers to execute arbitrary code and obtain sensitive information via the fromdate and todate parameters...

6.8CVSS7.1AI score0.00576EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 10:16 a.m.9 views

CVE-2024-30985

SQL Injection vulnerability in "B/W Dates Reports" page in phpgurukul Client Management System using PHP & MySQL 1.1 allows attacker to execute arbitrary SQL commands via "todate" and "fromdate" parameters...

9.8CVSS8.8AI score0.00695EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:15 a.m.4 views

CVE-2024-30989

Cross Site Scripting vulnerability in /edit-client-details.php of phpgurukul Client Management System using PHP & MySQL 1.1 allows attackers to execute arbitrary code via the "cname", "comname", "state" and "city" parameter...

5.4CVSS7.1AI score0.00442EPSS
Exploits1References1
OSV
OSV
added 2024/04/17 6:15 p.m.5 views

CVE-2024-30985

SQL Injection vulnerability in "B/W Dates Reports" page in phpgurukul Client Management System using PHP & MySQL 1.1 allows attacker to execute arbitrary SQL commands via "todate" and "fromdate" parameters...

9.8CVSS6.1AI score0.00695EPSS
Exploits1References1
OSV
OSV
added 2024/04/17 6:15 p.m.3 views

CVE-2024-30986

Cross Site Scripting vulnerability in /edit-services-details.php of phpgurukul Client Management System using PHP & MySQL 1.1 allows attackers to execute arbitrary code and via "price" and "sname" parameter...

6.5CVSS6.1AI score0.00429EPSS
Exploits1References1
OSV
OSV
added 2024/04/17 6:15 p.m.4 views

CVE-2024-30988

Cross Site Scripting vulnerability in /search-invoices.php of phpgurukul Client Management System using PHP & MySQL 1.1 allows attackers to execute arbitrary code and obtain sensitive information via the Search bar...

6.8CVSS6.1AI score0.00576EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/04/17 12:0 a.m.6 views

PT-2024-23710 · Unknown · Phpgurukul Complaint Management System

Name of the Vulnerable Software and Affected Versions: phpgurukul Client Management System using PHP & MySQL version 1.1 Description: The issue allows attackers to execute arbitrary code via the cname, comname, state, and city parameters in the "/edit-client-details.php" endpoint. This enables...

5.4CVSS7.2AI score0.00442EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2024/04/17 12:0 a.m.4 views

PT-2024-23708 · Unknown · Phpgurukul Complaint Management System

Name of the Vulnerable Software and Affected Versions: phpgurukul Client Management System version 1.1 Description: The issue allows attackers to execute arbitrary code and obtain sensitive information. This is achieved via the fromdate and todate parameters in the "/bwdates-reports-ds.php" API...

6.8CVSS7.4AI score0.00576EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2024/04/17 12:0 a.m.6 views

PT-2024-23712 · Unknown · Phpgurukul Complaint Management System

Name of the Vulnerable Software and Affected Versions: phpgurukul Client Management System version 1.1 Description: The issue allows an attacker to execute arbitrary SQL commands via the searchdata parameter in the "Invoices" page. This enables the attacker to manipulate the database, potentially...

9.8CVSS7.8AI score0.00628EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2024/04/17 12:0 a.m.5 views

PT-2024-23709 · Unknown · Phpgurukul Complaint Management System

Name of the Vulnerable Software and Affected Versions: phpgurukul Client Management System version 1.1 Description: The issue allows attackers to execute arbitrary code and obtain sensitive information via the "Search bar" in the /search-invoices.php endpoint. This is a Cross Site Scripting...

6.8CVSS6.7AI score0.00576EPSS
Exploits1References4
Rows per page
Query Builder