250 matches found
EUVD-2025-26218
Malicious code in bioql PyPI...
EUVD-2025-24676
Malicious code in bioql PyPI...
EUVD-2025-28427
Malicious code in bioql PyPI...
EUVD-2023-35803
Malicious code in bioql PyPI...
EUVD-2025-29189
Malicious code in bioql PyPI...
EUVD-2025-29756
Malicious code in bioql PyPI...
EUVD-2024-54997
Malicious code in bioql PyPI...
PHPGurukul User Registration & Login and User Management System Security Vulnerability
PHPGurukul User Registration & Login and User Management System is a user registration & login and user management system from PHPGurukul Inc. A security vulnerability exists in PHPGurukul User Registration & Login and User Management System version V3.3, which originates from unverified input of...
CVE-2025-28016
A Reflected Cross-Site Scripting XSS vulnerability was found in loginsystem/edit-profile.php of the PHPGurukul User Registration & Login and User Management System V3.3. This vulnerability allows remote attackers to execute arbitrary JavaScript code via the fname, lname, and contact parameters...
CVE-2025-11053
A weakness has been identified in PHPGurukul Small CRM 4.0. This affects an unknown function of the file /forgot-password.php. Executing manipulation of the argument email can lead to sql injection. The attack can be launched remotely. The exploit has been made available to the public and could b...
CVE-2025-11053
A weakness has been identified in PHPGurukul Small CRM 4.0. This affects an unknown function of the file /forgot-password.php. Executing manipulation of the argument email can lead to sql injection. The attack can be launched remotely. The exploit has been made available to the public and could b...
CVE-2025-56075
A SQL Injection vulnerability was discovered in the normal-bwdates-reports-details.php file of PHPGurukul Park Ticketing Management System v2.0. This vulnerability allows remote attackers to execute arbitrary SQL code via the fromdate parameter in a POST request...
CVE-2025-10663 PHPGurukul Online Course Registration my-profile.php sql injection
A vulnerability was found in PHPGurukul Online Course Registration 3.1. This affects an unknown function of the file /my-profile.php. Performing manipulation of the argument cgpa results in sql injection. The attack may be initiated remotely. The exploit has been made public and could be used...
PT-2025-38319
Name of the Vulnerable Software and Affected Versions PHPGurukul Small CRM version 4.0 Description A SQL injection issue exists in PHPGurukul Small CRM 4.0. The issue is located in the file /create-ticket.php within an unknown function. Manipulation of the subject argument can lead to SQL...
CVE-2025-57118
An issue in PHPGurukul Online-Library-Management-System v3.0 allows an attacker to escalate privileges via the index.php...
CVE-2025-57118
CVE-2025-57118 affects PHPGurukul Online-Library-Management-System v3.0, with a mismanagement of privileges in index.php that enables an elevation of privileges. The NVD/CNVD/RH entries describe a high-impact, total compromise potential (CVSSv3.1: 9.8, CRITICAL; attack vector: NETWORK; privileges...
CVE-2025-40692
SQL Injection in Online Fire Reporting System v1.2 by PHPGurukul. This vulnerability allows an attacker to retrieve, create, update and delete database via 'requestid' parameter in the endpoint '/ofrs/details.php'...
CVE-2025-40696 Cross Site Scripting in PHPGurukul Online Fire Reporting System
Stored Cross Site Scripting in Online Fire Reporting System v1.2 by PHPGurukul, that consists in a stored authenticated XSS due to the lack of propper validation of user inputs 'fullname', 'location' and 'message' parameters via POST at the endpoint '/ofrs/reporting.php'. This vulnerability could...
CVE-2025-40694 Cross Site Scripting in PHPGurukul Online Fire Reporting System
Stored Cross Site Scripting in Online Fire Reporting System v1.2 by PHPGurukul, that consists in a stored authenticated XSS due to the lack of propper validation of user inputs 'fromdate' and 'todate' parameters via POST at the endpoint '/ofrs/admin/bwdates-report-result.php'. This vulnerability...
CVE-2025-40692 SQL injection in PHPGurukul Online Fire Reporting System
SQL Injection in Online Fire Reporting System v1.2 by PHPGurukul. This vulnerability allows an attacker to retrieve, create, update and delete database via 'requestid' parameter in the endpoint '/ofrs/details.php'...