CVE-2024-44663

PHPGurukul Online Shopping Portal 2.0 is vulnerable to SQL Injection via the product parameter in search-result.php...

CVE-2024-44663

PHPGurukul Online Shopping Portal 2.0 is vulnerable to SQL Injection via the product parameter in search-result.php...

CVE-2024-44663

PHPGurukul Online Shopping Portal 2.0 is vulnerable to SQL Injection via the product parameter in search-result.php...

CVE-2025-10603

A vulnerability was determined in PHPGurukul Online Discussion Forum 1.0. Affected by this issue is some unknown functionality of the file /admin/adminforum/searchresult.php. Executing manipulation of the argument Search can lead to sql injection. The attack can be launched remotely. The exploit...

CVE-2025-10603

PHPGurukul Online Discussion Forum 1.0 is affected in /admin/admin_forum/search_result.php. Manipulating the Search parameter leads to SQL injection; the vulnerability is remotely exploitable and has publicly disclosed exploits. Connected sources corroborate the file and the injection vector, wit...

CVE-2025-10603 PHPGurukul Online Discussion Forum search_result.php sql injection

A vulnerability was determined in PHPGurukul Online Discussion Forum 1.0. Affected by this issue is some unknown functionality of the file /admin/adminforum/searchresult.php. Executing manipulation of the argument Search can lead to sql injection. The attack can be launched remotely. The exploit...

Malicious code in search-result (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 6ddb1c5d5505a20da7fa64201ed64cc4b487447debb5dfac4a7d1398b93bcb1a The OpenSSF Package Analysis project identified 'search-result' @ 10.11.0 npm as malicious. It is considered malicious because: - The package...

CVE-2025-3242

A vulnerability has been found in PHPGurukul e-Diary Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /search-result.php. The manipulation of the argument id/searchdata leads to sql injection. The attack can be initiated remotely. The exploit h...

Online Shopping Portal /search-result.php File SQL Injection Vulnerability

Online Shopping Portal is an online store system. Online Shopping Portal suffers from a SQL injection vulnerability that originates from a lack of validation of externally entered SQL statements in the parameter Product of the file /search-result.php. An attacker can exploit this vulnerability to...

CVE-2025-0174

A vulnerability was found in code-projects Point of Sales and Inventory Management System 1.0. It has been classified as critical. This affects an unknown part of the file /user/searchresult2.php of the component Parameter Handler. The manipulation of the argument search leads to sql injection. I...

CVE-2024-48279

A HTML Injection vulnerability was found in /search-result.php of PHPGurukul User Registration & Login and User Management System 3.2. This vulnerability allows remote attackers to execute arbitrary HTML code via the searchkey parameter in a POST HTTP request...

PT-2024-33067 · Unknown · Phpgurukul User Registration & Login/User Management System

Name of the Vulnerable Software and Affected Versions: PHPGurukul User Registration & Login and User Management System version 3.2 Description: A SQL Injection issue was found in the /search-result.php file, allowing remote attackers to execute arbitrary SQL commands via the fromdate parameter in...

PT-2024-33069 · Unknown · Phpgurukul User Registration & Login/User Management System

Name of the Vulnerable Software and Affected Versions: Phpgurukul User Registration & Login and User Management System version 3.2 Description: The issue is related to SQL Injection in the /admin//search-result.php endpoint via the searchkey parameter. This allows for potential exploitation. No...

CVE-2024-48283

Phpgurukul User Registration & Login and User Management System 3.2 is vulnerable to SQL Injection in /admin//search-result.php via the searchkey parameter...

Cross site scripting

Stored cross-site scripting XSS vulnerability in the Portal Search module's Search Result app in Liferay Portal 7.2.0 through 7.4.3.11, and older unsupported versions, and Liferay DXP 7.4 before update 8, 7.3 before update 4, 7.2 before fix pack 17, and older unsupported versions allows remote...

CVE-2024-25145

CVE-2024-25145 describes a stored cross-site scripting (XSS) vulnerability in the Portal Search module’s Search Result app of Liferay Portal 7.2.0–7.4.3.11, and older unsupported versions, plus certain Liferay DXP builds. The issue allows remote authenticated users to inject arbitrary script/HTML...

Malicious ad for USPS fishes for banking credentials

We often think of malvertising as being malicious ads that push malware or scams, and quite rightly so these are probably the most common payloads. However, malvertising is also a great vehicle for phishing attacks which we usually see more often via spam emails. Threat actors continue to abuse a...

SourceCodester Shopping Website SQL注入漏洞

SourceCodester Shopping Website is a shopping website type CMS. A SQL injection vulnerability exists in SourceCodester Shopping Website version 1.0, which stems from the parameter product in the file search-result.php that can lead to SQL injection...

CVE-2023-33591

User Registration & Login and User Management System v1.0 was discovered to contain a cross-site scripting XSS vulnerability via the component /admin/search-result.php...

Cross site scripting

User Registration & Login and User Management System v1.0 was discovered to contain a cross-site scripting XSS vulnerability via the component /admin/search-result.php...