322 matches found
Bus Pass Management System 跨站脚本漏洞
Bus Pass Management System is a bus pass management system. A cross-site scripting vulnerability exists in Bus Pass Management System v1.0, which was discovered to contain a cross-site scripting XSS vulnerability via the searchdata parameter...
CVE-2022-31382
Directory Management System v1.0 was discovered to contain a SQL injection vulnerability via the searchdata parameter in search-dirctory.php...
CVE-2022-31382
Directory Management System v1.0 contains a SQL injection vulnerability in the search-dirctory.php component, exploitable via the searchdata parameter. This is the root cause described across multiple sources (CVE-2022-31382). Impact details are limited to the SQLi risk; CVSS scores in the cited ...
PT-2022-3049
Name of the Vulnerable Software and Affected Versions Directory Management System version 1.0 Description The issue is related to a SQL injection vulnerability in the search-dirctory.php component of the Directory Management System. This vulnerability allows a remote attacker to execute arbitrary...
Directory Management System SQL注入漏洞
Directory Management System is a directory management system by Anuj Kumar, a personal developer. A security vulnerability exists in Directory Management System v1.0, which can be exploited by an attacker to perform a SQL injection attack via the searchdata parameter in search-dirctory.php...
CVE-2021-39411
Multiple Cross Site Scripting XSS vulnerabilities exist in PHPGurukul Hospital Management System 4.0 via the 1 searchdata parameter in a doctor/search.php and b admin/patient-search.php, and the 2 fromdate and 3 todate parameters in admin/betweendates-detailsreports.php...
PHPGurukul Hospital Management System 跨站脚本漏洞
PHPGurukul Hospital Management System is a PHP and MySQL based hospital management system. PHPGurukul Hospital Management System 4.0 has a security vulnerability that can be exploited by an attacker to conduct xss attacks using multiple parameters. The parameters that can be exploited are 1...
CVE-2021-28423
Multiple SQL Injection vulnerabilities in Teachers Record Management System 1.0 thru 2.1 allow remote authenticated users to execute arbitrary SQL commands via the 'editid' GET parameter in edit-subjects-detail.php, edit-teacher-detail.php, or the 'searchdata' POST parameter in search.php...
CVE-2021-28423
Multiple SQL Injection vulnerabilities in Teachers Record Management System 1.0 thru 2.1 allow remote authenticated users to execute arbitrary SQL commands via the 'editid' GET parameter in edit-subjects-detail.php, edit-teacher-detail.php, or the 'searchdata' POST parameter in search.php...
PHPGurukul Teachers Record Management System SQL注入漏洞
PHPGurukul Teachers Record Management System is a Teachers Record Management System from PHPGurukul. A SQL injection vulnerability exists in PHPGurukul Teachers Record Management System 1.0 that could allow a remotely authenticated attacker to create a new teacher record via the "editid" GET...
CVE-2020-35151
The Online Marriage Registration System 1.0 post parameter "searchdata" in the user/search.php request is vulnerable to Time Based Sql Injection...
CVE-2020-35151
CVE-2020-35151 affects The Online Marriage Registration System 1.0. The vulnerability is a Time-Based SQL Injection in the post parameter searchdata of user/search.php (and noted in admin/search.php in the exploit). Root cause: lack of input validation for searchdata, enabling attacker-controlled...
PT-2020-17269 · Unknown · The Online Marriage Registration System
Name of the Vulnerable Software and Affected Versions: The Online Marriage Registration System version 1.0 Description: The issue concerns a Time Based Sql Injection vulnerability in the searchdata post parameter of the "user/search.php" request. This vulnerability allows for potential...
Online Marriage Registration System 1.0 - 'searchdata' SQL Injection
Exploit Title: Online Marriage Registration System 1.0 - 'searchdata' SQL Injection Date: 12-21-2020 Exploit Authors: Andrea Bruschi, Raffaele Sabato Vendor: Phpgurukul Product Web Page: https://phpgurukul.com/online-marriage-registration-system-using-php-and-mysql/ Version: 1.0 CVE: CVE-2020-351...
Curfew e-Pass Management System 1.0 SQL Injection
Exploit Title: Curfew e-Pass Management System 1.0 Multiple SQL Injection Vulnerabilities Google Dork: N/A Date: 04.08.2020 Exploit Author: Mucahit Karadag Vendor Homepage: https://products.phpgurukul.com/product/curfew-e-pass-management-system-project-report/ Software Link:...
Company Visitor Management System (CVMS) 1.0 SQL Injection
Exploit Title: Company Visitor Management System CVMS 1.0 - Authentication Bypass Date: 2020-07-20 Exploit Author: gh1mau Team Members: Capt'N,muzzo,chaos689 | https://h0fclanmalaysia.wordpress.com/ Vendor Homepage: https://phpgurukul.com/company-visitor-management-system-using-php-and-mysql/...
Cyber Cafe Management System SQL Injection
Exploit Title: Cyber Cafe Management System - Authentication Bypass Date: 2020-07-14 Exploit Author: gh1mau Team Members: Capt'N,muzzo,chaos689 | https://h0fclanmalaysia.wordpress.com/ Vendor Homepage: https://phpgurukul.com/cyber-cafe-management-system-using-php-mysql/ Software Link:...
CVE-2020-5193
PHPGurukul Hospital Management System in PHP v4.0 suffers from multiple reflected XSS vulnerabilities via the searchdata or Doctorspecialization parameter...
Cross site scripting
PHPGurukul Hospital Management System in PHP v4.0 suffers from multiple reflected XSS vulnerabilities via the searchdata or Doctorspecialization parameter...
CVE-2020-5193
CVE-2020-5193 affects PHPGurukul Hospital Management System in PHP v4.0. The issue is multiple reflected XSS vulnerabilities exploitable via the searchdata and Doctorspecialization parameters, enabling injection of arbitrary scripts in end-user browsers. No official patch/version update details a...