7 matches found
EUVD-2025-206030
A security flaw has been discovered in PHPGurukul Small CRM 4.0. This impacts an unknown function of the file /admin/edit-user.php. The manipulation results in missing authorization. It is possible to launch the attack remotely. The exploit has been released to the public and may be exploited...
EUVD-2024-55090
PHPGurukul Small CRM 3.0 is vulnerable to Cross Site Scripting XSS via the aremark parameter in manage-tickets.php...
CVE-2025-10664
A vulnerability was determined in PHPGurukul Small CRM 4.0. This impacts an unknown function of the file /create-ticket.php. Executing manipulation of the argument subject can lead to sql injection. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized...
CVE-2025-10114
CVE-2025-10114 describes a SQL injection vulnerability in PHPGurukul Small CRM 4.0’s file /profile.php where the Name parameter can be manipulated to execute arbitrary SQL. The connected documents confirm remote exploitation and that the exploit has been publicly disclosed, affecting the web appl...
CVE-2025-50484
Improper session invalidation in the component /crm/change-password.php of PHPGurukul Small CRM v3.0 allows attackers to execute a session hijacking attack...
CVE-2024-13001
CVE-2024-13001 affects PHPGurukul Small CRM 1.0. The vulnerability is an SQL injection in an unknown function of /admin/index.php, triggered by manipulating the email parameter. It can be exploited remotely and the exploit has been disclosed publicly. Reported impact is high for confidentiality, ...
CVE-2024-3690
A vulnerability classified as critical was found in PHPGurukul Small CRM 3.0. Affected by this vulnerability is an unknown functionality of the component Change Password Handler. The manipulation leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the...