10 matches found
CVE-2025-5227
The CVE-2025-5227 entry concerns PHPGurukul Small CRM 3.0 with a SQL injection in the /admin/manage-tickets.php endpoint. The vulnerability arises from unsafely handling the aremark parameter, enabling remote exploitation and potentially exposing or modifying database data. Multiple connected sou...
CVE-2025-5227 PHPGurukul Small CRM manage-tickets.php sql injection
A vulnerability was found in PHPGurukul Small CRM 3.0 and classified as critical. This issue affects some unknown processing of the file /admin/manage-tickets.php. The manipulation of the argument aremark leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed...
CVE-2025-5227 PHPGurukul Small CRM manage-tickets.php sql injection
A vulnerability was found in PHPGurukul Small CRM 3.0 and classified as critical. This issue affects some unknown processing of the file /admin/manage-tickets.php. The manipulation of the argument aremark leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed...
CVE-2020-10432
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/manage-tickets.php by adding a question mark ? followed by the payload...
Cross site scripting
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/manage-tickets.php by adding a question mark ? followed by the payload...
CVE-2020-10499
The connected records provide concrete details for CVE-2020-10499: Chadha PHPKB Standard Multi-Language v9 contains a cross-site request forgery (CSRF) flaw in the admin/manage-tickets.php endpoint. An attacker can close any ticket by crafting a request that, when executed by an authenticated use...
CVE-2020-10489
CSRF in admin/manage-tickets.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a ticket via a crafted request...
CVE-2020-10489
CVE-2020-10489 is a CSRF vulnerability in Chadha PHPKB Standard Multi-Language 9 affecting the admin/manage-tickets.php endpoint. An attacker can cause a user’s browser to issue a crafted request to delete a ticket, due to inadequate protection against cross-site request forgery. The CVE is docum...
CVE-2020-10432
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/manage-tickets.php by adding a question mark ? followed by the payload...
CVE-2020-10432
The CVE-2020-10432 entry applies to Chadha PHPKB Standard Multi-Language 9, where URI handling in admin/header.php enables a Reflected XSS in admin/manage-tickets.php when a leading question mark is followed by a payload. The Red Hat CVE records corroborate a similar issue affecting admin/header....