Lucene search
K

322 matches found

CNNVD
CNNVD
added 2022/09/30 12:0 a.m.5 views

Bus Pass Management System 跨站脚本漏洞

Bus Pass Management System is a bus pass management system. A cross-site scripting vulnerability exists in Bus Pass Management System v1.0, which was discovered to contain a cross-site scripting XSS vulnerability via the searchdata parameter...

6.1CVSS5.9AI score0.01986EPSS
Exploits2References5
OSV
OSV
added 2022/06/16 5:15 p.m.5 views

CVE-2022-31382

Directory Management System v1.0 was discovered to contain a SQL injection vulnerability via the searchdata parameter in search-dirctory.php...

9.8CVSS7.3AI score0.01644EPSS
Exploits2References3
CVE
CVE
added 2022/06/16 4:46 p.m.73 views

CVE-2022-31382

Directory Management System v1.0 contains a SQL injection vulnerability in the search-dirctory.php component, exploitable via the searchdata parameter. This is the root cause described across multiple sources (CVE-2022-31382). Impact details are limited to the SQLi risk; CVSS scores in the cited ...

9.8CVSS9.8AI score0.01644EPSS
Exploits2References1Affected Software1
Positive Technologies
Positive Technologies
added 2022/06/16 12:0 a.m.5 views

PT-2022-3049

Name of the Vulnerable Software and Affected Versions Directory Management System version 1.0 Description The issue is related to a SQL injection vulnerability in the search-dirctory.php component of the Directory Management System. This vulnerability allows a remote attacker to execute arbitrary...

9.8CVSS7.5AI score0.01644EPSS
Exploits2References11
CNNVD
CNNVD
added 2022/06/16 12:0 a.m.4 views

Directory Management System SQL注入漏洞

Directory Management System is a directory management system by Anuj Kumar, a personal developer. A security vulnerability exists in Directory Management System v1.0, which can be exploited by an attacker to perform a SQL injection attack via the searchdata parameter in search-dirctory.php...

9.8CVSS5.9AI score0.01644EPSS
Exploits2References4
OSV
OSV
added 2021/11/05 3:15 p.m.4 views

CVE-2021-39411

Multiple Cross Site Scripting XSS vulnerabilities exist in PHPGurukul Hospital Management System 4.0 via the 1 searchdata parameter in a doctor/search.php and b admin/patient-search.php, and the 2 fromdate and 3 todate parameters in admin/betweendates-detailsreports.php...

6.1CVSS5.8AI score0.0089EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/11/05 12:0 a.m.3 views

PHPGurukul Hospital Management System 跨站脚本漏洞

PHPGurukul Hospital Management System is a PHP and MySQL based hospital management system. PHPGurukul Hospital Management System 4.0 has a security vulnerability that can be exploited by an attacker to conduct xss attacks using multiple parameters. The parameters that can be exploited are 1...

6.1CVSS6.3AI score0.0089EPSS
Exploits0References2
OSV
OSV
added 2021/07/01 3:15 p.m.4 views

CVE-2021-28423

Multiple SQL Injection vulnerabilities in Teachers Record Management System 1.0 thru 2.1 allow remote authenticated users to execute arbitrary SQL commands via the 'editid' GET parameter in edit-subjects-detail.php, edit-teacher-detail.php, or the 'searchdata' POST parameter in search.php...

8.8CVSS6.1AI score0.02578EPSS
Exploits1References4
Cvelist
Cvelist
added 2021/07/01 2:38 p.m.16 views

CVE-2021-28423

Multiple SQL Injection vulnerabilities in Teachers Record Management System 1.0 thru 2.1 allow remote authenticated users to execute arbitrary SQL commands via the 'editid' GET parameter in edit-subjects-detail.php, edit-teacher-detail.php, or the 'searchdata' POST parameter in search.php...

9.2AI score0.02578EPSS
Exploits1References4
CNNVD
CNNVD
added 2021/07/01 12:0 a.m.4 views

PHPGurukul Teachers Record Management System SQL注入漏洞

PHPGurukul Teachers Record Management System is a Teachers Record Management System from PHPGurukul. A SQL injection vulnerability exists in PHPGurukul Teachers Record Management System 1.0 that could allow a remotely authenticated attacker to create a new teacher record via the "editid" GET...

8.8CVSS8.6AI score0.02578EPSS
Exploits1References4
OSV
OSV
added 2020/12/21 9:15 p.m.5 views

CVE-2020-35151

The Online Marriage Registration System 1.0 post parameter "searchdata" in the user/search.php request is vulnerable to Time Based Sql Injection...

8.8CVSS7.3AI score0.03783EPSS
Exploits2References2
CVE
CVE
added 2020/12/21 8:20 p.m.81 views

CVE-2020-35151

CVE-2020-35151 affects The Online Marriage Registration System 1.0. The vulnerability is a Time-Based SQL Injection in the post parameter searchdata of user/search.php (and noted in admin/search.php in the exploit). Root cause: lack of input validation for searchdata, enabling attacker-controlled...

8.8CVSS8.6AI score0.03783EPSS
Exploits2References2Affected Software1
Positive Technologies
Positive Technologies
added 2020/12/21 12:0 a.m.7 views

PT-2020-17269 · Unknown · The Online Marriage Registration System

Name of the Vulnerable Software and Affected Versions: The Online Marriage Registration System version 1.0 Description: The issue concerns a Time Based Sql Injection vulnerability in the searchdata post parameter of the "user/search.php" request. This vulnerability allows for potential...

8.8CVSS8.5AI score0.03783EPSS
Exploits2References6
Exploit DB
Exploit DB
added 2020/12/21 12:0 a.m.311 views

Online Marriage Registration System 1.0 - 'searchdata' SQL Injection

Exploit Title: Online Marriage Registration System 1.0 - 'searchdata' SQL Injection Date: 12-21-2020 Exploit Authors: Andrea Bruschi, Raffaele Sabato Vendor: Phpgurukul Product Web Page: https://phpgurukul.com/online-marriage-registration-system-using-php-and-mysql/ Version: 1.0 CVE: CVE-2020-351...

8.8CVSS8.9AI score0.03783EPSS
Exploits2
Packet Storm
Packet Storm
added 2020/08/06 12:0 a.m.154 views

Curfew e-Pass Management System 1.0 SQL Injection

Exploit Title: Curfew e-Pass Management System 1.0 Multiple SQL Injection Vulnerabilities Google Dork: N/A Date: 04.08.2020 Exploit Author: Mucahit Karadag Vendor Homepage: https://products.phpgurukul.com/product/curfew-e-pass-management-system-project-report/ Software Link:...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2020/07/20 12:0 a.m.806 views

Company Visitor Management System (CVMS) 1.0 SQL Injection

Exploit Title: Company Visitor Management System CVMS 1.0 - Authentication Bypass Date: 2020-07-20 Exploit Author: gh1mau Team Members: Capt'N,muzzo,chaos689 | https://h0fclanmalaysia.wordpress.com/ Vendor Homepage: https://phpgurukul.com/company-visitor-management-system-using-php-and-mysql/...

1.4AI score
Exploits0
Packet Storm
Packet Storm
added 2020/07/14 12:0 a.m.266 views

Cyber Cafe Management System SQL Injection

Exploit Title: Cyber Cafe Management System - Authentication Bypass Date: 2020-07-14 Exploit Author: gh1mau Team Members: Capt'N,muzzo,chaos689 | https://h0fclanmalaysia.wordpress.com/ Vendor Homepage: https://phpgurukul.com/cyber-cafe-management-system-using-php-mysql/ Software Link:...

0.3AI score
Exploits0
OSV
OSV
added 2020/01/14 6:15 p.m.6 views

CVE-2020-5193

PHPGurukul Hospital Management System in PHP v4.0 suffers from multiple reflected XSS vulnerabilities via the searchdata or Doctorspecialization parameter...

6.1CVSS6.4AI score0.00923EPSS
Exploits2References1
Prion
Prion
added 2020/01/14 6:15 p.m.21 views

Cross site scripting

PHPGurukul Hospital Management System in PHP v4.0 suffers from multiple reflected XSS vulnerabilities via the searchdata or Doctorspecialization parameter...

4.3CVSS6.2AI score0.00923EPSS
Exploits2References1Affected Software1
CVE
CVE
added 2020/01/14 5:40 p.m.62 views

CVE-2020-5193

CVE-2020-5193 affects PHPGurukul Hospital Management System in PHP v4.0. The issue is multiple reflected XSS vulnerabilities exploitable via the searchdata and Doctorspecialization parameters, enabling injection of arbitrary scripts in end-user browsers. No official patch/version update details a...

6.1CVSS6.2AI score0.00923EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder