10 matches found
CVE-2025-40695 Cross Site Scripting in PHPGurukul Online Fire Reporting System
Stored Cross Site Scripting in Online Fire Reporting System v1.2 by PHPGurukul, that consists in a stored authenticated XSS due to the lack of propper validation of user inputs 'remark', 'status' and 'takeaction' parameters via POST at the endpoint '/ofrs/admin/request-details.php'. This...
CVE-2025-40689 SQL injection in PHPGurukul Online Fire Reporting System
SQL Injection in Online Fire Reporting System v1.2 by PHPGurukul. This vulnerability allows an attacker to retrieve, create, update and delete database via 'remark', 'status' and 'requestid' parameters in the endpoint '/ofrs/admin/request-details.php'...
PT-2025-37178
Name of the Vulnerable Software and Affected Versions: Online Fire Reporting System version 1.2 Description: The Online Fire Reporting System contains a stored cross-site scripting XSS issue. This is due to insufficient validation of user-supplied fromdate and todate parameters via a POST request...
PT-2025-37180
Name of the Vulnerable Software and Affected Versions: Online Fire Reporting System version 1.2 Description: The Online Fire Reporting System contains a stored cross-site scripting issue. The vulnerability is due to insufficient validation of user inputs for the fullname, location, and message...
Online Fire Reporting System SQL注入漏洞
Online Fire Reporting System is an online fire reporting system developed by Carlo Montero. A SQL injection vulnerability exists in Online Fire Reporting System version 1.2, which stems from incorrect manipulation of the parameters mobilenumber, teamleadname, and teammember in the file...
Online Fire Reporting System /search-report-result.php File SQL Injection Vulnerability
Online Fire Reporting System is an online fire reporting system. The Online Fire Reporting System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the parameter serachdata in the file /search-report-result.php. An attacker c...
Online Fire Reporting System /edit-guard-detail.php File SQL Injection Vulnerability
Online Fire Reporting System is an online fire reporting system. The Online Fire Reporting System suffers from a SQL injection vulnerability that originates from the validation of externally entered SQL statements that are missing from the editid parameter of the edit-guard-detail.php file. An...
CVE-2024-34987
A SQL Injection vulnerability exists in the ofrs/admin/index.php script of PHPGurukul Online Fire Reporting System 1.2. The vulnerability allows attackers to bypass authentication and gain unauthorized access by injecting SQL commands into the username input field during the login process...
CVE-2022-31977
Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/classes/Master.php?f=deleteteam...
Online Fire Reporting System SQL注入漏洞
Online Fire Reporting System is an online fire reporting system from Carlo Montero's personal developer. version v1.0 of Online Fire Reporting System is vulnerable to SQL injection, which originates from /ofrs/admin/?page=teams/view team&id=Lack of validation of external input SQL statements, an...