CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

114 matches found

CNVD•added 2026/01/19 12:0 a.m.•3 views

Cyber Cafe Management System adminprofile.php Endpoint SQL Injection Vulnerability

Cyber Cafe Management System is an internet cafe management system. Cyber Cafe Management System suffers from a SQL injection vulnerability that stems from the adminprofile.php endpoint's adminname parameter not being sufficiently cleaned of user input, no details of the vulnerability are availab...

8.8CVSS5.9AI score0.00019EPSS

Exploits2References1

RedhatCVE•added 2026/01/16 12:24 a.m.•2 views

CVE-2025-70893

A time-based blind SQL Injection vulnerability exists in PHPGurukul Cyber Cafe Management System v1.0 within the adminprofile.php endpoint. The application fails to properly sanitize user-supplied input provided via the adminname parameter, allowing authenticated attackers to inject arbitrary SQL...

8.8CVSS7.9AI score0.00019EPSS

Exploits2References1

OSV•added 2026/01/15 9:16 p.m.•2 views

CVE-2025-70893

8.8CVSS6AI score0.00019EPSS

Exploits2References2

CNNVD•added 2026/01/15 12:0 a.m.•2 views

PHPGurukul Cyber Cafe Management System 安全漏洞

8.8CVSS5.8AI score0.00019EPSS

Exploits2References3

CVE•added 2026/01/15 12:0 a.m.•9 views

CVE-2025-70893

CVE-2025-70893 affects PHPGurukul Cyber Cafe Management System v1.0 in adminprofile.php (adminname parameter). The vulnerability is a time-based blind SQL Injection caused by insufficient input sanitization, allowing authenticated attackers to inject arbitrary SQL expressions. Impact is rated Hig...

8.8CVSS7.5AI score0.00019EPSS

Exploits2References2Affected Software1

EUVD•added 2026/01/15 12:0 a.m.•3 views

EUVD-2026-2686

8.8CVSS7.4AI score0.00019EPSS

Exploits2References4

Vulnrichment•added 2026/01/15 12:0 a.m.•1 views

CVE-2025-70893

7.5AI score0.00019EPSS

Exploits2References2

Positive Technologies•added 2026/01/15 12:0 a.m.•3 views

PT-2026-3117

Name of the Vulnerable Software and Affected Versions PHPGurukul Cyber Cafe Management System version 1.0 Description The application does not properly sanitize user-supplied input provided via the adminname parameter in the /adminprofile.php endpoint, which can allow authenticated attackers to...

8.8CVSS7.1AI score0.00019EPSS

Exploits2References6

Cvelist•added 2026/01/15 12:0 a.m.•16 views

CVE-2025-70893

0.00019EPSS

Exploits2References2

ATTACKERKB•added 2026/01/15 12:0 a.m.•4 views

CVE-2025-70893

8.8CVSS6.2AI score0.00019EPSS

Exploits2References3

CNVD•added 2025/11/18 12:0 a.m.•2 views

Student Record System admin-profile.php File SQL Injection Vulnerability

Student Record System is a software application. Student Record System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the adminname and aemailid parameters of admin-profile.php. An attacker can exploit this vulnerability t...

6.5CVSS8.3AI score0.00035EPSS

Exploits0References1

RedhatCVE•added 2025/11/15 12:47 a.m.•4 views

CVE-2024-44636

PHPGurukul Student Record System 3.20 is vulnerable to SQL Injection via the adminname and aemailid parameters in /admin-profile.php...

6.5CVSS8AI score0.00035EPSS

Exploits0References1

RedhatCVE•added 2025/11/15 12:47 a.m.•6 views

CVE-2024-44635

PHPGurukul Student Record System 3.20 is vulnerable to Cross Site Scripting XSS via adminname and aemailid parameters in /admin-profile.php...

6.1CVSS6.3AI score0.00033EPSS

Exploits1References1

NVD•added 2025/11/14 4:15 p.m.•1 views

CVE-2024-44636

PHPGurukul Student Record System 3.20 is vulnerable to SQL Injection via the adminname and aemailid parameters in /admin-profile.php...

6.5CVSS0.00035EPSS

Exploits0References1

Vulnrichment•added 2025/11/14 12:0 a.m.•3 views

CVE-2024-44635

PHPGurukul Student Record System 3.20 is vulnerable to Cross Site Scripting XSS via adminname and aemailid parameters in /admin-profile.php...

5.8AI score0.00033EPSS

Exploits1References2

Vulnrichment•added 2025/11/14 12:0 a.m.•2 views

CVE-2024-44636

PHPGurukul Student Record System 3.20 is vulnerable to SQL Injection via the adminname and aemailid parameters in /admin-profile.php...

7.6AI score0.00035EPSS

Exploits0References1

CVE•added 2025/11/14 12:0 a.m.•4 views

CVE-2024-44635

CVE-2024-44635 affects PHPGurukul Student Record System 3.20. A cross-site scripting vulnerability exists in admin-profile.php via the adminname and aemailid parameters due to inadequate input handling. This is confirmed across multiple sources (CNVD, Red Hat, NVD, etc.). Impact per the CVSS metr...

6.1CVSS5.8AI score0.00033EPSS

Exploits1References2Affected Software1

CVE•added 2025/11/14 12:0 a.m.•5 views

CVE-2024-44636

CVE-2024-44636 affects PHPGurukul Student Record System 3.20. A SQL Injection flaw exists in /admin-profile.php, exploitable via the parameters adminname and aemailid . The vulnerability, confirmed across multiple sources, could allow an attacker to execute SQL commands and access database data. ...

6.5CVSS7.6AI score0.00035EPSS

Exploits0References1Affected Software1

EUVD•added 2025/11/14 12:0 a.m.•1 views

EUVD-2024-55077

PHPGurukul Student Record System 3.20 is vulnerable to SQL Injection via the adminname and aemailid parameters in /admin-profile.php...

6.5CVSS7.5AI score0.00035EPSS

Exploits0References2

Positive Technologies•added 2025/11/14 12:0 a.m.•4 views

PT-2025-46961

Name of the Vulnerable Software and Affected Versions PHPGurukul Student Record System version 3.20 Description The PHPGurukul Student Record System is affected by a Cross-Site Scripting XSS issue. The issue is located in the '/admin-profile.php' file and involves the adminname and aemailid...

6.1CVSS6.1AI score0.00033EPSS

Exploits1References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by