Lucene search
K

10 matches found

Vulnrichment
Vulnrichment
added 2025/09/11 11:46 a.m.2 views

CVE-2025-40695 Cross Site Scripting in PHPGurukul Online Fire Reporting System

Stored Cross Site Scripting in Online Fire Reporting System v1.2 by PHPGurukul, that consists in a stored authenticated XSS due to the lack of propper validation of user inputs 'remark', 'status' and 'takeaction' parameters via POST at the endpoint '/ofrs/admin/request-details.php'. This...

5.1CVSS5.1AI score0.00193EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/09/11 11:21 a.m.8 views

CVE-2025-40689 SQL injection in PHPGurukul Online Fire Reporting System

SQL Injection in Online Fire Reporting System v1.2 by PHPGurukul. This vulnerability allows an attacker to retrieve, create, update and delete database via 'remark', 'status' and 'requestid' parameters in the endpoint '/ofrs/admin/request-details.php'...

9.3CVSS0.00309EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/09/11 12:0 a.m.4 views

PT-2025-37178

Name of the Vulnerable Software and Affected Versions: Online Fire Reporting System version 1.2 Description: The Online Fire Reporting System contains a stored cross-site scripting XSS issue. This is due to insufficient validation of user-supplied fromdate and todate parameters via a POST request...

5.4CVSS5.7AI score0.00193EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/09/11 12:0 a.m.11 views

PT-2025-37180

Name of the Vulnerable Software and Affected Versions: Online Fire Reporting System version 1.2 Description: The Online Fire Reporting System contains a stored cross-site scripting issue. The vulnerability is due to insufficient validation of user inputs for the fullname, location, and message...

5.4CVSS6AI score0.00193EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/09/11 12:0 a.m.4 views

Online Fire Reporting System SQL注入漏洞

Online Fire Reporting System is an online fire reporting system developed by Carlo Montero. A SQL injection vulnerability exists in Online Fire Reporting System version 1.2, which stems from incorrect manipulation of the parameters mobilenumber, teamleadname, and teammember in the file...

9.8CVSS7.7AI score0.00312EPSS
Exploits0References1
CNVD
CNVD
added 2025/06/11 12:0 a.m.1 views

Online Fire Reporting System /search-report-result.php File SQL Injection Vulnerability

Online Fire Reporting System is an online fire reporting system. The Online Fire Reporting System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the parameter serachdata in the file /search-report-result.php. An attacker c...

8.8CVSS8.3AI score0.00369EPSS
Exploits1References1
CNVD
CNVD
added 2025/04/09 12:0 a.m.3 views

Online Fire Reporting System /edit-guard-detail.php File SQL Injection Vulnerability

Online Fire Reporting System is an online fire reporting system. The Online Fire Reporting System suffers from a SQL injection vulnerability that originates from the validation of externally entered SQL statements that are missing from the editid parameter of the edit-guard-detail.php file. An...

9.8CVSS8.2AI score0.00514EPSS
Exploits1References1
OSV
OSV
added 2024/06/03 8:15 p.m.4 views

CVE-2024-34987

A SQL Injection vulnerability exists in the ofrs/admin/index.php script of PHPGurukul Online Fire Reporting System 1.2. The vulnerability allows attackers to bypass authentication and gain unauthorized access by injecting SQL commands into the username input field during the login process...

9.1CVSS5.9AI score0.00607EPSS
Exploits1References2
OSV
OSV
added 2022/06/02 2:15 p.m.4 views

CVE-2022-31977

Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/classes/Master.php?f=deleteteam...

9.8CVSS5.8AI score0.0716EPSS
Exploits1References1
CNNVD
CNNVD
added 2022/06/02 12:0 a.m.5 views

Online Fire Reporting System SQL注入漏洞

Online Fire Reporting System is an online fire reporting system from Carlo Montero's personal developer. version v1.0 of Online Fire Reporting System is vulnerable to SQL injection, which originates from /ofrs/admin/?page=teams/view team&id=Lack of validation of external input SQL statements, an...

7.2CVSS6AI score0.01971EPSS
Exploits1References2
Rows per page
Query Builder