Online Fire Reporting System v1.0 - SQL injection

Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=user/manageuser&id=. id: CVE-2022-31975 info: name: Online Fire Reporting System v1.0 - SQL injection author: theamanrawat severity: high description: | Online Fire Reporting System v1.0 is vulnerable to SQL...

Online Fire Reporting System v1.0 - SQL injection

Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=reports&date=. id: CVE-2022-31974 info: name: Online Fire Reporting System v1.0 - SQL injection author: theamanrawat severity: high description: | Online Fire Reporting System v1.0 is vulnerable to SQL Injectio...

Online Fire Reporting System v1.0 - SQL injection

Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/requests/takeaction.php?id=. id: CVE-2022-31984 info: name: Online Fire Reporting System v1.0 - SQL injection author: theamanrawat severity: high description: | Online Fire Reporting System v1.0 is vulnerable to SQL...

Online Fire Reporting System v1.0 - SQL injection

Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/classes/Master.php?f=deleterequest. id: CVE-2022-31976 info: name: Online Fire Reporting System v1.0 - SQL injection author: theamanrawat severity: critical description: | Online Fire Reporting System v1.0 is vulnerable to...

Online Fire Reporting System v1.0 - SQL injection

Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/classes/Master.php?f=deleteteam. id: CVE-2022-31977 info: name: Online Fire Reporting System v1.0 - SQL injection author: theamanrawat severity: critical description: | Online Fire Reporting System v1.0 is vulnerable to SQ...

Online Fire Reporting System v1.0 - SQL injection

Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/classes/Master.php?f=deleteinquiry. id: CVE-2022-31978 info: name: Online Fire Reporting System v1.0 - SQL injection author: theamanrawat severity: critical description: | Online Fire Reporting System v1.0 is vulnerable to...

CVE-2022-31980

Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=teams/manageteam=...

CVE-2022-31973

Online Fire Reporting System v1.0 is vulnerable to Delete any file via /ofrs/classes/Master.php?f=deleteimg...

CVE-2022-31982

Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=requests/viewrequest=...

CVE-2022-31906

Online Fire Reporting System v1.0 is vulnerable to Cross Site Scripting XSS via /ofrs/classes/Master.php...

CVE-2022-31977

Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/classes/Master.php?f=deleteteam...

CVE-2022-31983

Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=requests/managerequest=...

CVE-2022-31974

Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=reports=...

CVE-2022-31879

Online Fire Reporting System 1.0 is vulnerable to SQL Injection via the date parameter...

CVE-2022-31978

Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/classes/Master.php?f=deleteinquiry...

CVE-2022-31981

Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=teams/viewteam=...

CVE-2025-40696

Stored Cross Site Scripting in Online Fire Reporting System v1.2 by PHPGurukul, that consists in a stored authenticated XSS due to the lack of propper validation of user inputs 'fullname', 'location' and 'message' parameters via POST at the endpoint '/ofrs/reporting.php'. This vulnerability could...

CVE-2025-40691

SQL Injection in Online Fire Reporting System v1.2 by PHPGurukul. This vulnerability allows an attacker to retrieve, create, update and delete database via 'todate' parameter in the endpoint '/ofrs/admin/bwdates-report-result.php'...

CVE-2025-40692

SQL Injection in Online Fire Reporting System v1.2 by PHPGurukul. This vulnerability allows an attacker to retrieve, create, update and delete database via 'requestid' parameter in the endpoint '/ofrs/details.php'...

CVE-2025-40687

SQL Injection in Online Fire Reporting System v1.2 by PHPGurukul. This vulnerability allows an attacker to retrieve, create, update and delete database via 'mobilenumber', 'teamleadname' and 'teammember' parameters in the endpoint '/ofrs/admin/add-team.php'...