Lucene search
K

7 matches found

EUVD
EUVD
added 2025/12/31 3:32 p.m.3 views

EUVD-2025-206030

A security flaw has been discovered in PHPGurukul Small CRM 4.0. This impacts an unknown function of the file /admin/edit-user.php. The manipulation results in missing authorization. It is possible to launch the attack remotely. The exploit has been released to the public and may be exploited...

6.5CVSS6.2AI score0.00345EPSS
Exploits1References7
EUVD
EUVD
added 2025/11/17 6:30 p.m.4 views

EUVD-2024-55090

PHPGurukul Small CRM 3.0 is vulnerable to Cross Site Scripting XSS via the aremark parameter in manage-tickets.php...

6.1CVSS5.7AI score0.00196EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/09/20 12:32 p.m.13 views

CVE-2025-10664

A vulnerability was determined in PHPGurukul Small CRM 4.0. This impacts an unknown function of the file /create-ticket.php. Executing manipulation of the argument subject can lead to sql injection. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized...

9.8CVSS7.4AI score0.00387EPSS
Exploits1References1
CVE
CVE
added 2025/09/09 12:32 a.m.18 views

CVE-2025-10114

CVE-2025-10114 describes a SQL injection vulnerability in PHPGurukul Small CRM 4.0’s file /profile.php where the Name parameter can be manipulated to execute arbitrary SQL. The connected documents confirm remote exploitation and that the exploit has been publicly disclosed, affecting the web appl...

9.8CVSS7.4AI score0.00384EPSS
Exploits1References5Affected Software1
RedhatCVE
RedhatCVE
added 2025/07/30 12:59 a.m.3 views

CVE-2025-50484

Improper session invalidation in the component /crm/change-password.php of PHPGurukul Small CRM v3.0 allows attackers to execute a session hijacking attack...

7.1CVSS7.4AI score0.00261EPSS
Exploits1References1
CVE
CVE
added 2024/12/29 3:0 a.m.48 views

CVE-2024-13001

CVE-2024-13001 affects PHPGurukul Small CRM 1.0. The vulnerability is an SQL injection in an unknown function of /admin/index.php, triggered by manipulating the email parameter. It can be exploited remotely and the exploit has been disclosed publicly. Reported impact is high for confidentiality, ...

9.8CVSS6.8AI score0.00406EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2024/04/12 3:15 p.m.21 views

CVE-2024-3690

A vulnerability classified as critical was found in PHPGurukul Small CRM 3.0. Affected by this vulnerability is an unknown functionality of the component Change Password Handler. The manipulation leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the...

8.8CVSS6.8AI score0.01284EPSS
Exploits1References4
Rows per page
Query Builder