107 matches found
EUVD-2025-1893
Malicious code in bioql PyPI...
EUVD-2025-2117
Malicious code in bioql PyPI...
EUVD-2025-1892
Malicious code in bioql PyPI...
EUVD-2024-54630
Malicious code in bioql PyPI...
EUVD-2025-1891
Malicious code in bioql PyPI...
EUVD-2025-17017
Malicious code in bioql PyPI...
EUVD-2025-17015
Malicious code in bioql PyPI...
EUVD-2025-2116
Malicious code in bioql PyPI...
Medical Card Generation System Manage Card Function Cross-Site Request Forgery Vulnerability
Medical Card Generation System is a medical card generation system. The Medical Card Generation System suffers from a cross-site request forgery vulnerability that stems from the lack of CSRF protection in the Manage Card feature, which can be exploited by an attacker to send a simple GET request...
Medical Card Generation System Cross-Site Scripting Vulnerability
Medical Card Generation System is a medical card generation system. A cross-site scripting vulnerability exists in Medical Card Generation System, which stems from improper cleanup of the contact page name field and can be exploited by an attacker to inject malicious JavaScript...
CVE-2025-50369
A Cross-Site Request Forgery CSRF vulnerability exists in the Manage Card functionality /mcgs/admin/manage-card.php of PHPGurukul Medical Card Generation System 1.0. The vulnerable endpoint allows an authorized admin to delete medical card records by sending a simple GET request without verifying...
CVE-2025-50367
A stored blind XSS vulnerability exists in the Contact Page of the Phpgurukul Medical Card Generation System 1.0 mcgs/contact.php. The name field fails to properly sanitize user input, allowing an attacker to inject malicious JavaScript...
CVE-2025-50370
A Cross-Site Request Forgery CSRF vulnerability exists in the Inquiry Management functionality /mcgs/admin/readenq.php of the Phpgurukul Medical Card Generation System 1.0. The vulnerable endpoint allows an authenticated admin to delete inquiry records via a simple GET request, without requiring ...
CVE-2025-50367
A stored blind XSS vulnerability exists in the Contact Page of the Phpgurukul Medical Card Generation System 1.0 mcgs/contact.php. The name field fails to properly sanitize user input, allowing an attacker to inject malicious JavaScript...
CVE-2025-50370
A Cross-Site Request Forgery CSRF vulnerability exists in the Inquiry Management functionality /mcgs/admin/readenq.php of the Phpgurukul Medical Card Generation System 1.0. The vulnerable endpoint allows an authenticated admin to delete inquiry records via a simple GET request, without requiring ...
PHPGurukul Medical Card Generation System 安全漏洞
Medical Card Generation System is a medical card generation system. The Medical Card Generation System suffers from a cross-site request forgery vulnerability that stems from the lack of CSRF protection in the Manage Card feature, which can be exploited by an attacker to send a simple GET request...
PHPGurukul Medical Card Generation System 安全漏洞
Medical Card Generation System is a medical card generation system. A cross-site scripting vulnerability exists in Medical Card Generation System, which stems from improper cleanup of the contact page name field and can be exploited by an attacker to inject malicious JavaScript...
Medical Card Generation System /admin/readenq.php File SQL Injection Vulnerability
Medical Card Generation System is a medical card generation system. The Medical Card Generation System suffers from a SQL injection vulnerability that originates from a lack of validation of externally entered SQL statements in the parameter ID of the /admin/readenq.php file. An attacker can...
Medical Card Generation System HTML Injection Vulnerability
Medical Card Generation System is a medical card generation system. The Medical Card Generation System suffers from an HTML injection vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the pagedes parameter of admin/contactus.php, which can be...
CVE-2025-5668
A vulnerability classified as critical has been found in PHPGurukul Medical Card Generation System 1.0. This affects an unknown part of the file /admin/readenq.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...