PHPGurukul Hospital Management System 4.0 - SQL Injection

PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\user-login.php. Remote unauthenticated users can exploit the vulnerability to obtain sensitive database information. id: CVE-2020-22165 info: name: PHPGurukul Hospital Management System 4.0 - SQL Injection...

PHPGurukul Apartment Visitors Management System 安全漏洞

PHPGurukul Apartment Visitors Management System is an apartment visitor management system developed by PHPGurukul Corporation. Version V1.1 of the PHPGurukul Apartment Visitors Management System has a security vulnerability. This vulnerability stems from an SQL injection issue with the contactno...

PHPGurukul Apartment Visitors Management System 安全漏洞

PHPGurukul Apartment Visitors Management System is an apartment visitor management system developed by PHPGurukul Corporation. The PHPGurukul Apartment Visitors Management System V1.1 version has a security vulnerability. This vulnerability stems from an SQL injection issue with the username...

CVE-2026-6162 PHPGurukul Company Visitor Management System bwdates-reports-details.php cross site scripting

A vulnerability has been found in PHPGurukul Company Visitor Management System 2.0. This impacts an unknown function of the file /bwdates-reports-details.php. The manipulation of the argument fromdate leads to cross site scripting. The attack is possible to be carried out remotely. The exploit ha...

CVE-2026-5837

A vulnerability was found in PHPGurukul News Portal Project 4.1. This affects an unknown part of the file /news-details.php. The manipulation of the argument Comment results in sql injection. The attack can be launched remotely. The exploit has been made public and could be used...

CVE-2026-5840 PHPGurukul News Portal Project check_availability.php sql injection

A security flaw has been discovered in PHPGurukul News Portal Project 4.1. Impacted is an unknown function of the file /admin/checkavailability.php. Performing a manipulation of the argument Username results in sql injection. Remote exploitation of the attack is possible. The exploit has been...

CVE-2026-5814 PHPGurukul Online Course Registration check_availability.php sql injection

A security vulnerability has been detected in PHPGurukul Online Course Registration 3.1. This issue affects some unknown processing of the file /admin/checkavailability.php. The manipulation of the argument regno leads to sql injection. The attack can be initiated remotely. The exploit has been...

CVE-2026-5635

A security flaw has been discovered in PHPGurukul Online Shopping Portal Project 2.1. Affected by this issue is some unknown functionality of the file /categorywise-products.php of the component Parameter Handler. The manipulation of the argument cid results in sql injection. The attack can be...

CVE-2026-5583

A security vulnerability has been detected in PHPGurukul Online Shopping Portal Project 2.1. This affects an unknown part of the file /my-profile.php of the component Parameter Handler. The manipulation of the argument fullname leads to sql injection. It is possible to initiate the attack remotel...

CVE-2026-5635

A security flaw has been discovered in PHPGurukul Online Shopping Portal Project 2.1. Affected by this issue is some unknown functionality of the file /categorywise-products.php of the component Parameter Handler. The manipulation of the argument cid results in sql injection. The attack can be...

EUVD-2026-19142

A security flaw has been discovered in PHPGurukul Online Shopping Portal Project 2.1. The affected element is an unknown function of the file /order-details.php of the component Parameter Handler. The manipulation of the argument orderid results in sql injection. It is possible to launch the atta...

CVE-2026-5606 PHPGurukul Online Shopping Portal Project Parameter order-details.php sql injection

A security flaw has been discovered in PHPGurukul Online Shopping Portal Project 2.1. The affected element is an unknown function of the file /order-details.php of the component Parameter Handler. The manipulation of the argument orderid results in sql injection. It is possible to launch the atta...

CVE-2026-5606 PHPGurukul Online Shopping Portal Project Parameter order-details.php sql injection

A security flaw has been discovered in PHPGurukul Online Shopping Portal Project 2.1. The affected element is an unknown function of the file /order-details.php of the component Parameter Handler. The manipulation of the argument orderid results in sql injection. It is possible to launch the atta...

CVE-2026-5552 PHPGurukul Online Shopping Portal Project Parameter sub-category.php sql injection

A weakness has been identified in PHPGurukul Online Shopping Portal Project 2.1. This issue affects some unknown processing of the file /sub-category.php of the component Parameter Handler. This manipulation of the argument pid causes sql injection. Remote exploitation of the attack is possible...

CVE-2026-5552

CVE-2026-5552 concerns a SQL injection in PHPGurukul Online Shopping Portal Project 2.1. The issue is tied to the Parameter Handler component, specifically the file /sub-category.php where manipulation of the pid argument enables SQL injection. Remote exploitation is described as possible, and pu...

PT-2026-30428

A flaw has been found in PHPGurukul PHPGurukul Online Shopping Portal Project up to 2.1. Impacted is an unknown function of the file /pending-orders.php of the component Parameter Handler. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely...

PT-2026-30422

A weakness has been identified in PHPGurukul Online Shopping Portal Project 2.1. This issue affects some unknown processing of the file /sub-category.php of the component Parameter Handler. This manipulation of the argument pid causes sql injection. Remote exploitation of the attack is possible...

EUVD-2024-55490

A stored cross-site scripting XSS vulnerability in the component /admin/add-brand.php of Phpgurukul Vehicle Record Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the brandname parameter...

CVE-2026-3402

A security vulnerability has been detected in PHPGurukul Student Record Management System up to 1.0. This vulnerability affects unknown code of the file /edit-course.php. Such manipulation of the argument Course Short Name leads to cross site scripting. The attack can be executed remotely. The...

CVE-2026-2179

A vulnerability was determined in PHPGurukul Hospital Management System 4.0. This impacts an unknown function of the file /admin/manage-users.php. This manipulation of the argument ID causes sql injection. The attack can be initiated remotely. The exploit has been publicly disclosed and may be...