250 matches found
CVE-2025-40691
CVE-2025-40691 involves a SQL injection in PHPGurukul’s Online Fire Reporting System v1.2. The vulnerability is triggered via the todate parameter in /ofrs/admin/bwdates-report-result.php, enabling an attacker to retrieve, create, update, and delete data. Multiple sources (NVD/Red Hat/CVE lists) ...
CVE-2025-10079
A flaw has been found in PHPGurukul Small CRM 4.0. Affected by this vulnerability is an unknown functionality of the file /get-quote.php. Executing manipulation of the argument Contact can lead to sql injection. The attack can be executed remotely. The exploit has been published and may be used...
CVE-2025-10114 PHPGurukul Small CRM profile.php sql injection
A vulnerability was found in PHPGurukul Small CRM 4.0. Affected by this issue is some unknown functionality of the file /profile.php. The manipulation of the argument Name results in sql injection. The attack can be launched remotely. The exploit has been made public and could be used...
CVE-2025-10098
PHPGurukul User Management System 1.0 has a SQL injection in /admin/edit-user-profile.php when the uid argument is manipulated. The vulnerability is exploitable remotely, and public exploits have been released. The CVE is corroborated across NVD and other feeds (Red Hat, CVE List, PT Security) wi...
CVE-2025-10079
CVE-2025-10079 affects PHPGurukul Small CRM 4.0. The vulnerability is in the file /get-quote.php where manipulation of the contact parameter (Contact) enables a SQL injection. The issue can be exploited remotely, with exploit activity described as published and potentially usable in the wild. Doc...
CVE-2025-10079 PHPGurukul Small CRM get-quote.php sql injection
A flaw has been found in PHPGurukul Small CRM 4.0. Affected by this vulnerability is an unknown functionality of the file /get-quote.php. Executing manipulation of the argument Contact can lead to sql injection. The attack can be executed remotely. The exploit has been published and may be used...
CVE-2025-9830
A security flaw has been discovered in PHPGurukul Beauty Parlour Management System 1.1. This affects an unknown function of the file /admin/add-customer-services.php. The manipulation of the argument sids results in sql injection. The attack can be executed remotely. The exploit has been released...
CVE-2025-9932
The CVE-2025-9932 entry affects PHPGurukul Beauty Parlour Management System version 1.1. The vulnerability concerns an issue in the file /admin/update-image.php where manipulation of the lid parameter enables SQL injection. The attack is stated as remote with a published exploit. Connected source...
CVE-2025-57150
phpgurukul Complaint Management System in PHP 2.0 is vulnerable to Cross Site Scripting XSS in admin/subcategory.php via the categoryName parameter...
CVE-2025-9830 PHPGurukul Beauty Parlour Management System add-customer-services.php sql injection
A security flaw has been discovered in PHPGurukul Beauty Parlour Management System 1.1. This affects an unknown function of the file /admin/add-customer-services.php. The manipulation of the argument sids results in sql injection. The attack can be executed remotely. The exploit has been released...
CVE-2025-9814 PHPGurukul Beauty Parlour Management System contact-us.php sql injection
A security flaw has been discovered in PHPGurukul Beauty Parlour Management System 1.1. Impacted is an unknown function of the file /admin/contact-us.php. The manipulation of the argument mobnumber results in sql injection. It is possible to launch the attack remotely. The exploit has been releas...
CVE-2025-9656
A security vulnerability has been detected in PHPGurukul Directory Management System 2.0. This vulnerability affects unknown code of the file /admin/add-directory.php. The manipulation of the argument fullname leads to cross site scripting. The attack may be initiated remotely. The exploit has be...
PT-2025-33469 · Phpgurukul · Phpgurukul Beauty Parlour Management System
Name of the Vulnerable Software and Affected Versions: PHPGurukul Beauty Parlour Management System version 1.1 Description: A SQL injection issue exists in PHPGurukul Beauty Parlour Management System 1.1, specifically within the /book-appointment.php file. The Message parameter is susceptible to...
PT-2025-33444 · Phpgurukul · Phpgurukul Online Shopping Portal Project 2.0
Name of the Vulnerable Software and Affected Versions: PHPGurukul Online Shopping Portal Project 2.0 Description: A SQL injection issue exists in the file shopping/bill-ship-addresses.php. Manipulation of the billingpincode argument can lead to SQL injection. The attack can be initiated remotely,...
CVE-2025-51044
phpgurukul Nipah virus NiV Testing Management System 1.0 contains a SQL injection vulnerability in the /new-user-testing.php file, due to insufficient validation of user input for the " govtissuedid" parameter...
CVE-2025-51044
phpgurukul Nipah virus NiV Testing Management System 1.0 contains a SQL injection vulnerability in the /new-user-testing.php file, due to insufficient validation of user input for the " govtissuedid" parameter...
PHPGurukul BP Monitoring Management System 安全漏洞
PHPGurukul BP Monitoring Management System is a bp monitoring management system from PHPGurukul. A security vulnerability exists in version 1.0 of the PHPGurukul BP Monitoring Management System, which originates from a SQL injection due to the incorrect operation of the parameter fromdate/todate ...
CVE-2025-7927
A vulnerability has been found in PHPGurukul Online Banquet Booking System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/view-user-queries.php. The manipulation of the argument viewid leads to sql injection. The attack can be initiated remotely. The...
PHPGurukul Online Banquet Booking System 代码注入漏洞
Online Banquet Booking System is an online banquet booking system. A cross-site scripting vulnerability exists in Online Banquet Booking System, which stems from ineffective filtering of inputs to the searchdata parameter in the /admin/booking-search.php file. No details of the vulnerability are...
CVE-2025-7834
A vulnerability, which was classified as problematic, was found in PHPGurukul Complaint Management System 2.0. Affected is an unknown function. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may ...