272 matches found
CVE-2022-31382
Directory Management System v1.0 contains a SQL injection vulnerability in the search-dirctory.php component, exploitable via the searchdata parameter. This is the root cause described across multiple sources (CVE-2022-31382). Impact details are limited to the SQLi risk; CVSS scores in the cited ...
Directory Management System SQL注入漏洞
Directory Management System is a directory management system by Anuj Kumar, a personal developer. A security vulnerability exists in Directory Management System v1.0, which can be exploited by an attacker to perform a SQL injection attack via the searchdata parameter in search-dirctory.php...
PT-2022-3049
Name of the Vulnerable Software and Affected Versions Directory Management System version 1.0 Description The issue is related to a SQL injection vulnerability in the search-dirctory.php component of the Directory Management System. This vulnerability allows a remote attacker to execute arbitrary...
CVE-2021-39411
Multiple Cross Site Scripting XSS vulnerabilities exist in PHPGurukul Hospital Management System 4.0 via the 1 searchdata parameter in a doctor/search.php and b admin/patient-search.php, and the 2 fromdate and 3 todate parameters in admin/betweendates-detailsreports.php...
PHPGurukul Hospital Management System 跨站脚本漏洞
PHPGurukul Hospital Management System is a PHP and MySQL based hospital management system. PHPGurukul Hospital Management System 4.0 has a security vulnerability that can be exploited by an attacker to conduct xss attacks using multiple parameters. The parameters that can be exploited are 1...
CVE-2021-28423
Multiple SQL Injection vulnerabilities in Teachers Record Management System 1.0 thru 2.1 allow remote authenticated users to execute arbitrary SQL commands via the 'editid' GET parameter in edit-subjects-detail.php, edit-teacher-detail.php, or the 'searchdata' POST parameter in search.php...
CVE-2021-28423
Multiple SQL Injection vulnerabilities in Teachers Record Management System 1.0 thru 2.1 allow remote authenticated users to execute arbitrary SQL commands via the 'editid' GET parameter in edit-subjects-detail.php, edit-teacher-detail.php, or the 'searchdata' POST parameter in search.php...
PHPGurukul Teachers Record Management System SQL注入漏洞
PHPGurukul Teachers Record Management System is a Teachers Record Management System from PHPGurukul. A SQL injection vulnerability exists in PHPGurukul Teachers Record Management System 1.0 that could allow a remotely authenticated attacker to create a new teacher record via the "editid" GET...
CVE-2020-35151
The Online Marriage Registration System 1.0 post parameter "searchdata" in the user/search.php request is vulnerable to Time Based Sql Injection...
Curfew e-Pass Management System 1.0 SQL Injection
Exploit Title: Curfew e-Pass Management System 1.0 Multiple SQL Injection Vulnerabilities Google Dork: N/A Date: 04.08.2020 Exploit Author: Mucahit Karadag Vendor Homepage: https://products.phpgurukul.com/product/curfew-e-pass-management-system-project-report/ Software Link:...
CVE-2020-5193
PHPGurukul Hospital Management System in PHP v4.0 suffers from multiple reflected XSS vulnerabilities via the searchdata or Doctorspecialization parameter...
PT-2020-18294 · Phpgurukul · Phpgurukul Hospital Management System
Name of the Vulnerable Software and Affected Versions: PHPGurukul Hospital Management System in PHP version 4.0 Description: The issue concerns multiple reflected XSS vulnerabilities. These can be triggered via the searchdata or Doctorspecialization parameter. Recommendations: For PHPGurukul...