PT-2022-3049 · Unknown · Directory Management System

Name of the Vulnerable Software and Affected Versions: Directory Management System version 1.0 Description: The issue is related to a SQL injection vulnerability in the search-dirctory.php component of the Directory Management System. This vulnerability allows a remote attacker to execute arbitra...

Directory Management System SQL注入漏洞

Directory Management System is a directory management system by Anuj Kumar, a personal developer. A security vulnerability exists in Directory Management System v1.0, which can be exploited by an attacker to perform a SQL injection attack via the searchdata parameter in search-dirctory.php...

CVE-2021-39411

Multiple Cross Site Scripting XSS vulnerabilities exist in PHPGurukul Hospital Management System 4.0 via the 1 searchdata parameter in a doctor/search.php and b admin/patient-search.php, and the 2 fromdate and 3 todate parameters in admin/betweendates-detailsreports.php...

PHPGurukul Hospital Management System 跨站脚本漏洞

PHPGurukul Hospital Management System is a PHP and MySQL based hospital management system. PHPGurukul Hospital Management System 4.0 has a security vulnerability that can be exploited by an attacker to conduct xss attacks using multiple parameters. The parameters that can be exploited are 1...

CVE-2021-28423

Multiple SQL Injection vulnerabilities in Teachers Record Management System 1.0 thru 2.1 allow remote authenticated users to execute arbitrary SQL commands via the 'editid' GET parameter in edit-subjects-detail.php, edit-teacher-detail.php, or the 'searchdata' POST parameter in search.php...

CVE-2021-28423

Multiple SQL Injection vulnerabilities in Teachers Record Management System 1.0 thru 2.1 allow remote authenticated users to execute arbitrary SQL commands via the 'editid' GET parameter in edit-subjects-detail.php, edit-teacher-detail.php, or the 'searchdata' POST parameter in search.php...

PHPGurukul Teachers Record Management System SQL注入漏洞

PHPGurukul Teachers Record Management System is a Teachers Record Management System from PHPGurukul. A SQL injection vulnerability exists in PHPGurukul Teachers Record Management System 1.0 that could allow a remotely authenticated attacker to create a new teacher record via the "editid" GET...

CVE-2020-35151

The Online Marriage Registration System 1.0 post parameter "searchdata" in the user/search.php request is vulnerable to Time Based Sql Injection...

CVE-2020-35151

CVE-2020-35151 affects The Online Marriage Registration System 1.0. The vulnerability is a Time-Based SQL Injection in the post parameter searchdata of user/search.php (and noted in admin/search.php in the exploit). Root cause: lack of input validation for searchdata, enabling attacker-controlled...

PT-2020-17269 · Unknown · The Online Marriage Registration System

Name of the Vulnerable Software and Affected Versions: The Online Marriage Registration System version 1.0 Description: The issue concerns a Time Based Sql Injection vulnerability in the searchdata post parameter of the "user/search.php" request. This vulnerability allows for potential...

Online Marriage Registration System 1.0 - 'searchdata' SQL Injection

Exploit Title: Online Marriage Registration System 1.0 - 'searchdata' SQL Injection Date: 12-21-2020 Exploit Authors: Andrea Bruschi, Raffaele Sabato Vendor: Phpgurukul Product Web Page: https://phpgurukul.com/online-marriage-registration-system-using-php-and-mysql/ Version: 1.0 CVE: CVE-2020-351...

Curfew e-Pass Management System 1.0 SQL Injection

Exploit Title: Curfew e-Pass Management System 1.0 Multiple SQL Injection Vulnerabilities Google Dork: N/A Date: 04.08.2020 Exploit Author: Mucahit Karadag Vendor Homepage: https://products.phpgurukul.com/product/curfew-e-pass-management-system-project-report/ Software Link:...

Company Visitor Management System (CVMS) 1.0 SQL Injection

Exploit Title: Company Visitor Management System CVMS 1.0 - Authentication Bypass Date: 2020-07-20 Exploit Author: gh1mau Team Members: Capt'N,muzzo,chaos689 | https://h0fclanmalaysia.wordpress.com/ Vendor Homepage: https://phpgurukul.com/company-visitor-management-system-using-php-and-mysql/...

Cyber Cafe Management System SQL Injection

Exploit Title: Cyber Cafe Management System - Authentication Bypass Date: 2020-07-14 Exploit Author: gh1mau Team Members: Capt'N,muzzo,chaos689 | https://h0fclanmalaysia.wordpress.com/ Vendor Homepage: https://phpgurukul.com/cyber-cafe-management-system-using-php-mysql/ Software Link:...

CVE-2020-5193

PHPGurukul Hospital Management System in PHP v4.0 suffers from multiple reflected XSS vulnerabilities via the searchdata or Doctorspecialization parameter...

Cross site scripting

PHPGurukul Hospital Management System in PHP v4.0 suffers from multiple reflected XSS vulnerabilities via the searchdata or Doctorspecialization parameter...

CVE-2020-5193

CVE-2020-5193 affects PHPGurukul Hospital Management System in PHP v4.0. The issue is multiple reflected XSS vulnerabilities exploitable via the searchdata and Doctorspecialization parameters, enabling injection of arbitrary scripts in end-user browsers. No official patch/version update details a...

PT-2020-18294 · Phpgurukul · Phpgurukul Hospital Management System

Name of the Vulnerable Software and Affected Versions: PHPGurukul Hospital Management System in PHP version 4.0 Description: The issue concerns multiple reflected XSS vulnerabilities. These can be triggered via the searchdata or Doctorspecialization parameter. Recommendations: For PHPGurukul...

WordPress Js-appointment plugin <= 1.5 - SQL Injection Vulnerability

No description provided by source. Exploit Title: WordPress Js-appointment plugin = 1.5 SQL Injection Vulnerability Date: 2011-08-26 Author: Miroslav Stampar miroslav.stamparatgmail.com @stamparm Software Link: http://downloads.wordpress.org/plugin/js-appointment.1.5.zip Version: 1.5 tested Note:...