265 matches found
CVE-2025-51414
In Phpgurukul Online Course Registration v3.1, an arbitrary file upload vulnerability was discovered within the profile picture upload functionality on the /my-profile.php page...
CVE-2026-5814
A security vulnerability has been detected in PHPGurukul Online Course Registration 3.1. This issue affects some unknown processing of the file /admin/checkavailability.php. The manipulation of the argument regno leads to sql injection. The attack can be initiated remotely. The exploit has been...
CVE-2026-5813
PHPGurukul Online Course Registration 3.1 is affected by a SQL injection in the file /check_availability.php, triggered by manipulating the cid parameter. The vulnerability can be exploited remotely and the exploit is publicly available. The CVSS metrics indicate a Network attack vector, low comp...
CVE-2026-5813 PHPGurukul Online Course Registration check_availability.php sql injection
A weakness has been identified in PHPGurukul Online Course Registration 3.1. This vulnerability affects unknown code of the file /checkavailability.php. Executing a manipulation of the argument cid can lead to sql injection. It is possible to launch the attack remotely. The exploit has been made...
PT-2026-31552
Name of the Vulnerable Software and Affected Versions PHPGurukul Online Course Registration version 3.1 Description A security issue exists in PHPGurukul Online Course Registration 3.1 related to the processing of the /admin/check availability.php file. Manipulation of the regno argument can lead...
CVE-2026-5636
A weakness has been identified in PHPGurukul Online Shopping Portal Project 2.1. This affects an unknown part of the file /cancelorder.php of the component Parameter Handler. This manipulation of the argument oid causes sql injection. The attack may be initiated remotely. The exploit has been mad...
CVE-2026-5558
A flaw has been found in PHPGurukul PHPGurukul Online Shopping Portal Project up to 2.1. Impacted is an unknown function of the file /pending-orders.php of the component Parameter Handler. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely...
EUVD-2026-19209
A vulnerability has been found in PHPGurukul Online Shopping Portal Project 2.1. The affected element is an unknown function of the file /admin/update-image2.php of the component Parameter Handler. The manipulation of the argument filename leads to sql injection. The attack is possible to be...
EUVD-2026-19192
A weakness has been identified in PHPGurukul Online Shopping Portal Project 2.1. This affects an unknown part of the file /cancelorder.php of the component Parameter Handler. This manipulation of the argument oid causes sql injection. The attack may be initiated remotely. The exploit has been mad...
CVE-2026-5636
A weakness has been identified in PHPGurukul Online Shopping Portal Project 2.1. This affects an unknown part of the file /cancelorder.php of the component Parameter Handler. This manipulation of the argument oid causes sql injection. The attack may be initiated remotely. The exploit has been mad...
CVE-2026-5635
CVE-2026-5635 affects PHPGurukul Online Shopping Portal Project 2.1. The vulnerability is in the Parameter Handler’s /categorywise-products.php, where manipulating the cid parameter leads to SQL injection. Attacks can be launched remotely and the exploit has been released publicly. Concrete remed...
CVE-2026-5583 PHPGurukul Online Shopping Portal Project Parameter my-profile.php sql injection
A security vulnerability has been detected in PHPGurukul Online Shopping Portal Project 2.1. This affects an unknown part of the file /my-profile.php of the component Parameter Handler. The manipulation of the argument fullname leads to sql injection. It is possible to initiate the attack remotel...
CVE-2026-5583 PHPGurukul Online Shopping Portal Project Parameter my-profile.php sql injection
A security vulnerability has been detected in PHPGurukul Online Shopping Portal Project 2.1. This affects an unknown part of the file /my-profile.php of the component Parameter Handler. The manipulation of the argument fullname leads to sql injection. It is possible to initiate the attack remotel...
CVE-2026-5558 PHPGurukul PHPGurukul Online Shopping Portal Project Parameter pending-orders.php sql injection
A flaw has been found in PHPGurukul PHPGurukul Online Shopping Portal Project up to 2.1. Impacted is an unknown function of the file /pending-orders.php of the component Parameter Handler. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely...
PHPGurukul Online Shopping Portal Project SQL注入漏洞
The PHPGurukul Online Shopping Portal Project is an online shopping portal project of PHPGurukul Corporation. Version 2.1 of the PHPGurukul Online Shopping Portal Project has a SQL injection vulnerability. This vulnerability arises from incorrect handling of the parameter “pid” in the...
Exploit for SQL Injection in Phpgurukul Online_Shopping_Portal
CVE-2023-38890 – Online Shopping Portal 3.1 Remote C...
CVE-2020-10224
An unauthenticated file upload vulnerability has been identified in adminadd.php in PHPGurukul Online Book Store 1.0. The vulnerability could be exploited by an unauthenticated remote attacker to upload content to the server, including PHP files, which could result in command execution...
CVE-2026-0733
A vulnerability was determined in PHPGurukul Online Course Registration System up to 3.1. This impacts an unknown function of the file /onlinecourse/admin/manage-students.php. This manipulation of the argument id/cid causes sql injection. It is possible to initiate the attack remotely. The exploi...
CVE-2025-1582
A vulnerability was found in PHPGurukul Online Nurse Hiring System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/all-request.php. The manipulation of the argument viewid leads to sql injection. The attack may be launched remotely. The...
CVE-2025-1583
A vulnerability classified as critical has been found in PHPGurukul Online Nurse Hiring System 1.0. This affects an unknown part of the file /admin/search-report-details.php. The manipulation of the argument searchinput leads to sql injection. It is possible to initiate the attack remotely. The...