CVE-2025-5577 PHPGurukul Dairy Farm Shop Management System profile.php sql injection

A vulnerability, which was classified as critical, was found in PHPGurukul Dairy Farm Shop Management System 1.3. Affected is an unknown function of the file /profile.php. The manipulation of the argument mobilenumber leads to sql injection. It is possible to launch the attack remotely. The explo...

CVE-2025-5577

CVE-2025-5577 affects PHPGurukul Dairy Farm Shop Management System 1.3. The vulnerability is a SQL injection in the /profile.php file, exploitable via the mobilenumber parameter. The issue is exploitable remotely and has been publicly disclosed. Several connected sources (NVD/CNVD/Red Hat/others)...

PT-2025-23782 · Unknown · Phpgurukul Dairy Farm Shop Management System

Name of the Vulnerable Software and Affected Versions: PHPGurukul Dairy Farm Shop Management System version 1.3 Description: A critical issue was found in the PHPGurukul Dairy Farm Shop Management System. The problem is related to an unknown function of the file /profile.php. The manipulation of...

CVE-2025-5431 AssamLook CMS department-profile.php sql injection

A vulnerability, which was classified as critical, was found in AssamLook CMS 1.0. Affected is an unknown function of the file /department-profile.php. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the...

CVE-2024-27744

Cross Site Scripting vulnerability in Petrol Pump Mangement Software v.1.0 allows an attacker to execute arbitrary code via a crafted payload to the image parameter in the profile.php component...

CVE-2024-53481

A Cross Site Scripting XSS vulnerability in the profile.php of PHPGurukul Beauty Parlour Management System v1.1 allows remote attackers to execute arbitrary code by injecting arbitrary HTML into the "Firstname" and "Last name" parameters...

CVE-2023-47446

Pre-School Enrollment version 1.0 is vulnerable to Cross Site Scripting XSS on the profile.php page via fullname parameter...

CVE-2023-1909

A vulnerability, which was classified as critical, was found in PHPGurukul BP Monitoring Management System 1.0. Affected is an unknown function of the file profile.php of the component User Profile Update Handler. The manipulation of the argument name/mobno leads to sql injection. It is possible ...

CVE-2022-2773

A vulnerability was found in SourceCodester Apartment Visitor Management System. It has been classified as problematic. This affects an unknown part of the file profile.php. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The identifier VDB-206169 w...

CVE-2021-45003

Laundry Booking Management System 1.0 Latest and previous versions are affected by a remote code execution RCE vulnerability in profile.php through the "image" parameter that can execute a webshell payload...

e-Diary Management System /my-profile.php File SQL Injection Vulnerability

The e-Diary Management System is an electronic diary management system. An SQL injection vulnerability exists in e-Diary Management System, which originates from the lack of validation of an externally entered SQL statement in the parameter fname in the file /my-profile.php. An attacker can explo...

CVE-2025-4937

A vulnerability was found in SourceCodester Apartment Visitor Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /profile.php. The manipulation of the argument mobilenumber leads to sql injection. The attack can be...

CVE-2025-4937

A vulnerability was found in SourceCodester Apartment Visitor Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /profile.php. The manipulation of the argument mobilenumber leads to sql injection. The attack can be...

CVE-2025-4937 SourceCodester Apartment Visitor Management System profile.php sql injection

A vulnerability was found in SourceCodester Apartment Visitor Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /profile.php. The manipulation of the argument mobilenumber leads to sql injection. The attack can be...

CVE-2025-4937

CVE-2025-4937 affects SourceCodester Apartment Visitor Management System 1.0. A vulnerability in the file /profile.php—via the mobilenumber parameter—allows SQL injection. The issue is exploitable remotely, and the exploit has been disclosed publicly. Other parameters may also be affected. The av...

CVE-2025-4934

CVE-2025-4934 affects PHPGurukul User Registration & Login and User Management System 3.3. The vulnerability is in unknown code of /edit-profile.php where manipulating the Contact parameter triggers an SQL injection. Exploitation is possible remotely and has been disclosed publicly. Multiple sour...

CVE-2025-4916 PHPGurukul Auto Taxi Stand Management System admin-profile.php sql injection

A vulnerability was found in PHPGurukul Auto Taxi Stand Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/admin-profile.php. The manipulation of the argument mobilenumber leads to sql injection. The attack may be initiated remotely...

CVE-2025-4861 PHPGurukul Beauty Parlour Management System admin-profile.php sql injection

A vulnerability classified as critical was found in PHPGurukul Beauty Parlour Management System 1.1. Affected by this vulnerability is an unknown functionality of the file /admin/admin-profile.php. The manipulation of the argument contactnumber leads to sql injection. The attack can be launched...

CVE-2025-44183

Phpgurukul Vehicle Record Management System v1.0 is vulnerable to Cross Site Scripting XSS in /admin/profile.php via the name, email, and mobile parameters...

CVE-2025-4812 PHPGurukul Human Metapneumovirus Testing Management System profile.php sql injection

A vulnerability, which was classified as critical, has been found in PHPGurukul Human Metapneumovirus Testing Management System 1.0. This issue affects some unknown processing of the file /profile.php. The manipulation of the argument mobilenumber leads to sql injection. The attack may be initiat...