CVE-2025-2380 PHPGurukul Apartment Visitors Management System admin-profile.php sql injection

A vulnerability was found in PHPGurukul Apartment Visitors Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin-profile.php. The manipulation of the argument mobilenumber leads to sql injection. The attack may be initiated remotely. T...

CVE-2025-2374 PHPGurukul Human Metapneumovirus Testing Management System profile.php sql injection

A vulnerability, which was classified as critical, has been found in PHPGurukul Human Metapneumovirus Testing Management System 1.0. This issue affects some unknown processing of the file /profile.php. The manipulation of the argument aid/adminname/mobilenumber/email leads to sql injection. The...

CVE-2025-2374

CVE-2025-2374 affects PHPGurukul Human Metapneumovirus Testing Management System 1.0. The vulnerability is a SQL injection in the profile.php handling of the parameters aid/adminname/mobilenumber/email, allowing an attacker to manipulate SQL statements remotely. The issue stems from unsafely proc...

CVE-2025-29427

Code-projects Online Class and Exam Scheduling System V1.0 is vulnerable to Cross Site Scripting XSS in profile.php via the memberfirst and memberlast parameters...

CVE-2025-29427

Code-projects Online Class and Exam Scheduling System V1.0 is vulnerable to Cross Site Scripting XSS in profile.php via the memberfirst and memberlast parameters...

CVE-2025-29427

The CVE-2025-29427 entry concerns Code-projects Online Class and Exam Scheduling System V1.0. The vulnerability is a Cross Site Scripting (XSS) flaw in profile.php, triggered by the parameters member_first and member_last. The issue arises from insufficient input handling (lack of proper filterin...

Online Class and Exam Scheduling System profile.php file cross-site scripting vulnerability

Online Class and Exam Scheduling System is an online class and exam scheduling system. Online Class and Exam Scheduling System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameter username in the file...

CVE-2025-1955 code-projects Online Class and Exam Scheduling System profile.php cross site scripting

A vulnerability was found in code-projects Online Class and Exam Scheduling System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /Scheduling/scheduling/pages/profile.php. The manipulation of the argument username leads to cross site...

CVE-2025-1906 PHPGurukul Restaurant Table Booking System profile.php sql injection

A vulnerability has been found in PHPGurukul Restaurant Table Booking System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/profile.php. The manipulation of the argument mobilenumber leads to sql injection. The attack can be initiated remotely. The...

CVE-2025-1906 PHPGurukul Restaurant Table Booking System profile.php sql injection

A vulnerability has been found in PHPGurukul Restaurant Table Booking System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/profile.php. The manipulation of the argument mobilenumber leads to sql injection. The attack can be initiated remotely. The...

Wazifa System profile.php file cross-site scripting vulnerability

Wazifa System is a content management system. Wazifa System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameter postcontent in the /profile.php file, which can be exploited to execute arbitrary Web...

CVE-2025-1208

A vulnerability was found in code-projects Wazifa System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /Profile.php. The manipulation of the argument postcontent leads to cross site scripting. The attack may be initiated remotely. The exploit has be...

CVE-2025-1190 code-projects Job Recruitment load_user-profile.php cross site scripting

A vulnerability has been found in code-projects Job Recruitment 1.0 and classified as problematic. This vulnerability affects unknown code of the file /parse/loaduser-profile.php. The manipulation leads to cross site scripting. The attack can be initiated remotely. Multiple parameters might be...

CVE-2025-1190 code-projects Job Recruitment load_user-profile.php cross site scripting

A vulnerability has been found in code-projects Job Recruitment 1.0 and classified as problematic. This vulnerability affects unknown code of the file /parse/loaduser-profile.php. The manipulation leads to cross site scripting. The attack can be initiated remotely. Multiple parameters might be...

CVE-2024-48170

PHPGurukul Small CRM 3.0 is vulnerable to Cross Site Scripting XSS via a crafted payload injected into the name in the profile.php...

Code-Projects Wazifa System 代码注入漏洞

Wazifa System is a content management system. Wazifa System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameter postcontent in the /profile.php file, which can be exploited to execute arbitrary Web...

Code-Projects Job Recruitment 代码注入漏洞

Code-Projects Job Recruitment is an open source job portal by Code-Projects. A code injection vulnerability exists in Code-Projects Job Recruitment version 1.0, which stems from unknown code in the /parse/loaduser-profile.php file that does not properly handle user input...

CVE-2024-48170

PHPGurukul Small CRM 3.0 is vulnerable to Cross Site Scripting XSS via a crafted payload injected into the name in the profile.php...

CVE-2024-48170

PHPGurukul Small CRM 3.0 is vulnerable to Cross Site Scripting (XSS) via a crafted payload injected into the name field in profile.php. The vulnerability stems from insufficient filtering/escaping of user data in profile.php. CVSSv3.1 base score is 5.4 (Medium) with Network, Low attack complexity...

CVE-2024-48170

PHPGurukul Small CRM 3.0 is vulnerable to Cross Site Scripting XSS via a crafted payload injected into the name in the profile.php...