163 matches found
CVE-2025-40691
SQL Injection in Online Fire Reporting System v1.2 by PHPGurukul. This vulnerability allows an attacker to retrieve, create, update and delete database via 'todate' parameter in the endpoint '/ofrs/admin/bwdates-report-result.php'...
Complaint Management System between-date-userreport.php file SQL Injection Vulnerability
Complaint Management System is a complaint management system. Complaint Management System suffers from a SQL injection vulnerability that stems from a lack of validation of externally-entered SQL statements in the fromdate and todate parameters in between-date-userreport.php. An attacker can...
Complaint Management System between-date-userreport.php file cross-site scripting vulnerability
Complaint Management System is a complaint management system. Complaint Management System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the fromdate and todate parameters in between-date-userreport.php, whic...
CVE-2024-46335
PHPGurukul Complaint Management System 2.0 is vulnerble to Cross Site Scripting XSS via the fromdate and todate parameters in between-date-userreport.php...
CVE-2024-46335
PHPGurukul Complaint Management System 2.0 is vulnerble to Cross Site Scripting XSS via the fromdate and todate parameters in between-date-userreport.php...
CVE-2024-46335
PHPGurukul Complaint Management System 2.0 is vulnerble to Cross Site Scripting XSS via the fromdate and todate parameters in between-date-userreport.php...
CVE-2024-44657
PHPGurukul Complaint Management System 2.0 is vulnerable to SQL Injection via the fromdate and todate parameters in between-date-userreport.php...
CVE-2024-44657
PHPGurukul Complaint Management System 2.0 is vulnerable to SQL Injection via the fromdate and todate parameters in between-date-userreport.php...
CVE-2024-46335
PHPGurukul Complaint Management System 2.0 is vulnerable to Cross-Site Scripting (XSS) in the between-date-userreport.php script, via the fromdate and todate parameters. The root cause, as described across multiple reports, is lack of proper filtering/escaping of user-supplied data, enabling inje...
CVE-2024-44657
PHPGurukul Complaint Management System 2.0 is vulnerable to SQL Injection via the fromdate and todate parameters in between-date-userreport.php...
EUVD-2024-55096
PHPGurukul Complaint Management System 2.0 is vulnerable to SQL Injection via the fromdate and todate parameters in between-date-userreport.php...
PHPGurukul Complaint Management System 安全漏洞
Complaint Management System is a complaint management system. Complaint Management System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the fromdate and todate parameters in between-date-userreport.php, whic...
PHPGurukul Complaint Management System 安全漏洞
Complaint Management System is a complaint management system. Complaint Management System suffers from a SQL injection vulnerability that stems from a lack of validation of externally-entered SQL statements in the fromdate and todate parameters in between-date-userreport.php. An attacker can...
CVE-2024-46335
PHPGurukul Complaint Management System 2.0 is vulnerble to Cross Site Scripting XSS via the fromdate and todate parameters in between-date-userreport.php...
CVE-2024-46335
PHPGurukul Complaint Management System 2.0 is vulnerble to Cross Site Scripting XSS via the fromdate and todate parameters in between-date-userreport.php...
PT-2025-47196
Name of the Vulnerable Software and Affected Versions PHPGurukul Complaint Management System version 2.0 Description The software is susceptible to a Cross Site Scripting XSS issue. This flaw is located in the between-date-userreport.php script and affects the fromdate and todate parameters...
CVE-2024-44657
PHPGurukul Complaint Management System 2.0 is vulnerable to SQL Injection via the fromdate and todate parameters in between-date-userreport.php...
Beauty Parlour Management System sales-reports-detail.php File SQL Injection Vulnerability
Beauty Parlour Management System is an application system. Beauty Parlour Management System suffers from a SQL injection vulnerability that originates from the lack of validation of the parameters fromdate and todate in the file /admin/sales-reports-detail.php for externally entered SQL statement...
CVE-2025-11330
A vulnerability has been found in PHPGurukul Beauty Parlour Management System 1.1. The affected element is an unknown function of the file /admin/sales-reports-detail.php. Such manipulation of the argument fromdate/todate leads to sql injection. The attack can be launched remotely. The exploit ha...
EUVD-2025-32609
A security flaw has been discovered in Campcodes Online Apartment Visitor Management System 1.0. The affected element is an unknown function of the file /bwdates-reports-details.php. The manipulation of the argument fromdate/todate results in sql injection. The attack may be launched remotely. Th...