EUVD-2019-19823

Netartmedia Event Portal 2.0 contains a time-based blind SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the Email parameter. Attackers can send POST requests to loginaction.php with malicious SQL payloads in the Email...

CVE-2025-65647

CVE-2025-65647 applies to PHPGURUKUL Online Shopping Portal 2.1, where an Insecure Direct Object Reference (IDOR) in the Track order function allows information disclosure via the oid parameter. The vulnerability stems from insufficient access control when referencing data sent from the client as...

PT-2025-47198

Name of the Vulnerable Software and Affected Versions PHPGurukul Online Shopping Portal version 2.0 Description The PHPGurukul Online Shopping Portal version 2.0 is susceptible to SQL Injection. This issue affects the username parameter within the admin page. Exploitation of this flaw could allow...

PT-2025-47199

Name of the Vulnerable Software and Affected Versions PHPGurukul Online Shopping Portal version 2.0 Description The PHPGurukul Online Shopping Portal is susceptible to a Cross Site Scripting XSS issue. This flaw is located in the my-cart.php file and specifically affects the quantity parameter...

PT-2025-47202

Name of the Vulnerable Software and Affected Versions PHPGurukul Online Shopping Portal version 2.0 Description The PHPGurukul Online Shopping Portal 2.0 is susceptible to SQL Injection due to improper handling of the email parameter in the forgot-password.php script. Successful exploitation allo...

PT-2025-36461

CVE ID: CVE-2025-0004 Published: 2025-04-12T00:00:00.000Z Severity: MEDIUM 6.1/10 Description Cross-site scripting XSS vulnerability in the user management interface of Enterprise Portal v2.3.0 allows attackers to inject arbitrary web scripts. Root Cause Improper neutralization of input during we...