CVE-2025-15398

Uasoft Badaso up to version 2.9.7 has a weakness in the forgetPassword path of the Token Handler (src/Controllers/BadasoAuthController.php). The vulnerability, described as a remote‑executable weakness in password recovery, arises from the forgetPassword function and is characterized by high atta...

CVE-2021-43451

SQL Injection vulnerability exists in PHPGURUKUL Employee Record Management System 1.2 via the Email POST parameter in /forgetpassword.php...

PT-2021-23848 · Unknown · Phpgurukul Employee Record Management System

Name of the Vulnerable Software and Affected Versions: PHPGURUKUL Employee Record Management System version 1.2 Description: A SQL Injection issue exists via the Email POST parameter in the "/forgetpassword.php" API endpoint. This allows for potential exploitation. Recommendations: For PHPGURUKUL...

Phpgurukul Employee Record Management System SQL注入漏洞

Employee Record Management System is an employee record management system. Employee Record Management System has a SQL injection vulnerability that originates from a SQL injection vulnerability in the Email POST parameter via /forgetpassword.php, no detailed vulnerability details are available at...