CVE-2024-44630

Multiple parameters in register.php in PHPGurukul Student Record System 3.20 are vulnerable to SQL injection. These include: c-full, fname, mname,lname, gname, ocp, nation, mobno, email, board1, roll1, pyear1, board2, roll2, pyear2, sub1,marks1, sub2, course-short, income, category, ph, country,...

Pre-School Enrollment System visit.php file SQL Injection Vulnerability

Pre-School Enrollment System is a web-based preschool enrollment system. The Pre-School Enrollment System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally-entered SQL statement in the parameter gname in the file /visit.php. An attacker can...

CVE-2025-6322

A vulnerability was found in PHPGurukul Pre-School Enrollment System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /visit.php. The manipulation of the argument gname leads to sql injection. The attack may be launched remotely. The exploit has bee...

PHPGurukul Pre-School Enrollment System 注入漏洞

Pre-School Enrollment System is a web-based preschool enrollment system. The Pre-School Enrollment System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally-entered SQL statement in the parameter gname in the file /visit.php. An attacker can...

Multiple cross-site scripting vulnerabilities in concrete5

concrete5 is a free and open source content management system. concrete5 has multiple cross-site scripting vulnerabilities that allow remote attackers to exploit vulnerabilities to inject arbitrary web script or HTML via the gName parameter...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in concrete5 5.7.2.1, 5.7.2, and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 gName parameter in singlepages/dashboard/users/groups/bulkupdate.php or 2 instanceid parameter in tools/dashboard/sitemapdragrequest.p...

DEBIAN-CVE-2011-4615

Multiple cross-site scripting XSS vulnerabilities in Zabbix before 1.8.10 allow remote attackers to inject arbitrary web script or HTML via the gname parameter aka host groups name to 1 hostgroups.php and 2 usergrps.php, the update action to 3 hosts.php and 4 scripts.php, and 5 maintenance.php...

CVE-2011-4615

Multiple cross-site scripting XSS vulnerabilities in Zabbix before 1.8.10 allow remote attackers to inject arbitrary web script or HTML via the gname parameter aka host groups name to 1 hostgroups.php and 2 usergrps.php, the update action to 3 hosts.php and 4 scripts.php, and 5 maintenance.php...