CVE-2025-2380 PHPGurukul Apartment Visitors Management System admin-profile.php sql injection

A vulnerability was found in PHPGurukul Apartment Visitors Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin-profile.php. The manipulation of the argument mobilenumber leads to sql injection. The attack may be initiated remotely. T...

CVE-2025-2374

CVE-2025-2374 affects PHPGurukul Human Metapneumovirus Testing Management System 1.0. The vulnerability is a SQL injection in the profile.php handling of the parameters aid/adminname/mobilenumber/email, allowing an attacker to manipulate SQL statements remotely. The issue stems from unsafely proc...

CVE-2025-2374 PHPGurukul Human Metapneumovirus Testing Management System profile.php sql injection

A vulnerability, which was classified as critical, has been found in PHPGurukul Human Metapneumovirus Testing Management System 1.0. This issue affects some unknown processing of the file /profile.php. The manipulation of the argument aid/adminname/mobilenumber/email leads to sql injection. The...

CVE-2025-29427

Code-projects Online Class and Exam Scheduling System V1.0 is vulnerable to Cross Site Scripting XSS in profile.php via the memberfirst and memberlast parameters...

CVE-2025-29427

The CVE-2025-29427 entry concerns Code-projects Online Class and Exam Scheduling System V1.0. The vulnerability is a Cross Site Scripting (XSS) flaw in profile.php, triggered by the parameters member_first and member_last. The issue arises from insufficient input handling (lack of proper filterin...

CVE-2025-29427

Code-projects Online Class and Exam Scheduling System V1.0 is vulnerable to Cross Site Scripting XSS in profile.php via the memberfirst and memberlast parameters...

Online Class and Exam Scheduling System profile.php file cross-site scripting vulnerability

Online Class and Exam Scheduling System is an online class and exam scheduling system. Online Class and Exam Scheduling System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameter username in the file...

CVE-2025-1955 code-projects Online Class and Exam Scheduling System profile.php cross site scripting

A vulnerability was found in code-projects Online Class and Exam Scheduling System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /Scheduling/scheduling/pages/profile.php. The manipulation of the argument username leads to cross site...

CVE-2025-1906 PHPGurukul Restaurant Table Booking System profile.php sql injection

A vulnerability has been found in PHPGurukul Restaurant Table Booking System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/profile.php. The manipulation of the argument mobilenumber leads to sql injection. The attack can be initiated remotely. The...

CVE-2025-1906 PHPGurukul Restaurant Table Booking System profile.php sql injection

A vulnerability has been found in PHPGurukul Restaurant Table Booking System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/profile.php. The manipulation of the argument mobilenumber leads to sql injection. The attack can be initiated remotely. The...

Wazifa System profile.php file cross-site scripting vulnerability

Wazifa System is a content management system. Wazifa System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameter postcontent in the /profile.php file, which can be exploited to execute arbitrary Web...

CVE-2025-1208

A vulnerability was found in code-projects Wazifa System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /Profile.php. The manipulation of the argument postcontent leads to cross site scripting. The attack may be initiated remotely. The exploit has be...

CVE-2025-1190 code-projects Job Recruitment load_user-profile.php cross site scripting

A vulnerability has been found in code-projects Job Recruitment 1.0 and classified as problematic. This vulnerability affects unknown code of the file /parse/loaduser-profile.php. The manipulation leads to cross site scripting. The attack can be initiated remotely. Multiple parameters might be...

CVE-2025-1190 code-projects Job Recruitment load_user-profile.php cross site scripting

A vulnerability has been found in code-projects Job Recruitment 1.0 and classified as problematic. This vulnerability affects unknown code of the file /parse/loaduser-profile.php. The manipulation leads to cross site scripting. The attack can be initiated remotely. Multiple parameters might be...

CVE-2024-48170

PHPGurukul Small CRM 3.0 is vulnerable to Cross Site Scripting XSS via a crafted payload injected into the name in the profile.php...

Code-Projects Job Recruitment 代码注入漏洞

Code-Projects Job Recruitment is an open source job portal by Code-Projects. A code injection vulnerability exists in Code-Projects Job Recruitment version 1.0, which stems from unknown code in the /parse/loaduser-profile.php file that does not properly handle user input...

Code-Projects Wazifa System 代码注入漏洞

Wazifa System is a content management system. Wazifa System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameter postcontent in the /profile.php file, which can be exploited to execute arbitrary Web...

CVE-2024-48170

PHPGurukul Small CRM 3.0 is vulnerable to Cross Site Scripting (XSS) via a crafted payload injected into the name field in profile.php. The vulnerability stems from insufficient filtering/escaping of user data in profile.php. CVSSv3.1 base score is 5.4 (Medium) with Network, Low attack complexity...

CVE-2024-48170

PHPGurukul Small CRM 3.0 is vulnerable to Cross Site Scripting XSS via a crafted payload injected into the name in the profile.php...

CVE-2024-48170

PHPGurukul Small CRM 3.0 is vulnerable to Cross Site Scripting XSS via a crafted payload injected into the name in the profile.php...