Lucene search
+L

97 matches found

RedhatCVE
RedhatCVE
added 2026/04/07 10:52 a.m.8 views

CVE-2026-5640

A vulnerability has been found in PHPGurukul Online Shopping Portal Project 2.1. The affected element is an unknown function of the file /admin/update-image2.php of the component Parameter Handler. The manipulation of the argument filename leads to sql injection. The attack is possible to be...

6.5CVSS5.7AI score0.00192EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/07 10:52 a.m.3 views

CVE-2026-5641

A vulnerability was found in PHPGurukul Online Shopping Portal Project 2.1. The impacted element is an unknown function of the file /admin/update-image1.php of the component Parameter Handler. The manipulation of the argument filename results in sql injection. The attack may be performed from...

6.5CVSS5.6AI score0.00196EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/06 10:57 a.m.5 views

CVE-2026-5560

A vulnerability was found in PHPGurukul Online Shopping Portal Project 2.1. The impacted element is an unknown function of the file /payment-method.php of the component Parameter Handler. Performing a manipulation of the argument paymethod results in sql injection. It is possible to initiate the...

6.5CVSS6.4AI score0.00246EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/06 9:0 a.m.9 views

CVE-2026-5640

A vulnerability has been found in PHPGurukul Online Shopping Portal Project 2.1. The affected element is an unknown function of the file /admin/update-image2.php of the component Parameter Handler. The manipulation of the argument filename leads to sql injection. The attack is possible to be...

6.5CVSS5.7AI score0.00192EPSS
Exploits0References5Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/06 9:0 a.m.3 views

CVE-2026-5640 PHPGurukul Online Shopping Portal Project Parameter update-image2.php sql injection

A vulnerability has been found in PHPGurukul Online Shopping Portal Project 2.1. The affected element is an unknown function of the file /admin/update-image2.php of the component Parameter Handler. The manipulation of the argument filename leads to sql injection. The attack is possible to be...

6.5CVSS6.4AI score0.00192EPSS
Exploits0References5
CVE
CVE
added 2026/04/06 9:0 a.m.23 views

CVE-2026-5640

The CVE-2026-5640 entry concerns PHPGurukul Online Shopping Portal Project 2.1. The vulnerability is an SQL injection in an unknown function within /admin/update-image2.php of the Parameter Handler, triggered by manipulating the filename argument. It is described as remotely exploitable and publi...

6.5CVSS6.4AI score0.00192EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/04/06 8:45 a.m.2 views

CVE-2026-5639

A flaw has been found in PHPGurukul Online Shopping Portal Project 2.1. Impacted is an unknown function of the file /admin/update-image3.php of the component Parameter Handler. Executing a manipulation of the argument filename can lead to sql injection. The attack can be executed remotely. The...

6.5CVSS5.8AI score0.00246EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2026/04/06 8:45 a.m.8 views

CVE-2026-5639

PHPGurukul Online Shopping Portal Project 2.1 has a SQL injection flaw in the Parameter Handler’s /admin/update-image3.php. The vulnerability arises from manipulating the filename argument, enabling remote exploitation. Exploit published; CVSS notes range from 4.0 to 3.0 scales with PROOF-OF-CONC...

6.5CVSS6.5AI score0.00246EPSS
Exploits0References5
NVD
NVD
added 2026/04/06 8:16 a.m.4 views

CVE-2026-5635

A security flaw has been discovered in PHPGurukul Online Shopping Portal Project 2.1. Affected by this issue is some unknown functionality of the file /categorywise-products.php of the component Parameter Handler. The manipulation of the argument cid results in sql injection. The attack can be...

6.5CVSS0.00246EPSS
Exploits0References5
CVE
CVE
added 2026/04/06 8:0 a.m.14 views

CVE-2026-5636

CVE-2026-5636 affects PHPGurukul Online Shopping Portal Project 2.1, specifically an issue in the Parameter Handler for the /cancelorder.php endpoint. Manipulation of the argument oid enables SQL injection, with remote exploitation possible. The description notes that an exploit has been made pub...

6.5CVSS6.5AI score0.00246EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/04/06 8:0 a.m.34 views

CVE-2026-5636 PHPGurukul Online Shopping Portal Project Parameter cancelorder.php sql injection

A weakness has been identified in PHPGurukul Online Shopping Portal Project 2.1. This affects an unknown part of the file /cancelorder.php of the component Parameter Handler. This manipulation of the argument oid causes sql injection. The attack may be initiated remotely. The exploit has been mad...

6.5CVSS0.00246EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/04/06 7:45 a.m.1 views

CVE-2026-5635 PHPGurukul Online Shopping Portal Project Parameter categorywise-products.php sql injection

A security flaw has been discovered in PHPGurukul Online Shopping Portal Project 2.1. Affected by this issue is some unknown functionality of the file /categorywise-products.php of the component Parameter Handler. The manipulation of the argument cid results in sql injection. The attack can be...

6.5CVSS6.5AI score0.00246EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/04/06 7:45 a.m.33 views

CVE-2026-5635 PHPGurukul Online Shopping Portal Project Parameter categorywise-products.php sql injection

A security flaw has been discovered in PHPGurukul Online Shopping Portal Project 2.1. Affected by this issue is some unknown functionality of the file /categorywise-products.php of the component Parameter Handler. The manipulation of the argument cid results in sql injection. The attack can be...

6.5CVSS0.00246EPSS
Exploits0References5
NVD
NVD
added 2026/04/06 12:16 a.m.8 views

CVE-2026-5606

A security flaw has been discovered in PHPGurukul Online Shopping Portal Project 2.1. The affected element is an unknown function of the file /order-details.php of the component Parameter Handler. The manipulation of the argument orderid results in sql injection. It is possible to launch the atta...

6.5CVSS0.00255EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/04/06 12:0 a.m.3 views

CVE-2026-5606

A security flaw has been discovered in PHPGurukul Online Shopping Portal Project 2.1. The affected element is an unknown function of the file /order-details.php of the component Parameter Handler. The manipulation of the argument orderid results in sql injection. It is possible to launch the atta...

6.5CVSS6.5AI score0.00255EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2026/04/06 12:0 a.m.18 views

CVE-2026-5606

The CVE-2026-5606 entry describes a SQL injection vulnerability in PHPGurukul Online Shopping Portal Project 2.1, specifically in the Parameter Handler’s unknown function within /order-details.php where the orderid argument is manipulable. The issue can be exploited remotely by an attacker and is...

6.5CVSS6.5AI score0.00255EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/04/06 12:0 a.m.5 views

PT-2026-30590

A vulnerability was found in PHPGurukul Online Shopping Portal Project 2.1. The impacted element is an unknown function of the file /admin/update-image1.php of the component Parameter Handler. The manipulation of the argument filename results in sql injection. The attack may be performed from...

6.5CVSS5.6AI score0.00196EPSS
Exploits0References6
CVE
CVE
added 2026/04/05 4:30 p.m.21 views

CVE-2026-5583

CVE-2026-5583 concerns PHPGurukul Online Shopping Portal Project 2.1. The vulnerability targets an unknown part of the file /my-profile.php in the Parameter Handler and arises from manipulating the argument fullname , which leads to a SQL injection. The issue is described as exploitable remotely ...

6.5CVSS6.5AI score0.00246EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/04/05 4:30 p.m.14 views

CVE-2026-5583

A security vulnerability has been detected in PHPGurukul Online Shopping Portal Project 2.1. This affects an unknown part of the file /my-profile.php of the component Parameter Handler. The manipulation of the argument fullname leads to sql injection. It is possible to initiate the attack remotel...

6.5CVSS6.5AI score0.00246EPSS
Exploits0References5Affected Software1
EUVD
EUVD
added 2026/04/05 12:30 p.m.5 views

EUVD-2026-19063

A flaw has been found in PHPGurukul PHPGurukul Online Shopping Portal Project up to 2.1. Impacted is an unknown function of the file /pending-orders.php of the component Parameter Handler. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely...

6.5CVSS6.3AI score0.00255EPSS
Exploits0References6
Rows per page
Query Builder