Rail Pass Management System /rpms/download-pass.php file cross-site scripting vulnerability

Rail Pass Management System is a rail pass management system. The Rail Pass Management System suffers from a cross-site scripting vulnerability that stems from improper handling of the searchdata parameter in the /rpms/download-pass.php file. An attacker could use this vulnerability to inject a...

CVE-2025-5975

A vulnerability, which was classified as problematic, was found in PHPGurukul Rail Pass Management System 1.0. This affects an unknown part of the file /rpms/download-pass.php. The manipulation of the argument searchdata leads to cross site scripting. It is possible to initiate the attack remotel...

PHPGurukul Rail Pass Management System 代码注入漏洞

Rail Pass Management System is a rail pass management system. The Rail Pass Management System suffers from a cross-site scripting vulnerability that stems from improper handling of the searchdata parameter in the /rpms/download-pass.php file. An attacker could use this vulnerability to inject a...

CVE-2025-5553

A vulnerability classified as critical was found in PHPGurukul Rail Pass Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /download-pass.php. The manipulation of the argument searchdata leads to sql injection. The attack can be launched remotely. The...

PHPGurukul Rail Pass Management System 注入漏洞

Rail Pass Management System is a rail pass management system. The Rail Pass Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter searchdata in the file /download-pass.php. An attacker can...

Rail Pass Management System 1.0 - Time-Based SQL Injection Vulnerability

Exploit Title: Rail Pass Management System - 'searchdata' Time-Based SQL Injection Exploit Author: Alperen Yozgat Vendor Homepage: https://phpgurukul.com/rail-pass-management-system-using-php-and-mysql/ Software Link: https://phpgurukul.com/?sdmprocessdownload=1&downloadid=17479 Version: 1.0 Test...

CVE-2022-35156

Bus Pass Management System 1.0 was discovered to contain a SQL Injection vulnerability via the searchdata parameter at /buspassms/download-pass.php...