CVE-2024-48284

A Reflected Cross-Site Scripting XSS vulnerability was found in the /search-result.php page of the PHPGurukul User Registration & Login and User Management System 3.2. This vulnerability allows remote attackers to execute arbitrary scripts via the searchkey parameter in a POST HTTP request...

PT-2024-33070 · Unknown · Phpgurukul User Registration & Login/User Management System

Name of the Vulnerable Software and Affected Versions: PHPGurukul User Registration & Login and User Management System version 3.2 Description: A Reflected Cross-Site Scripting XSS issue was discovered in the "/search-result.php" page, allowing remote attackers to execute arbitrary scripts via th...

CVE-2024-48279

A HTML Injection vulnerability was found in /search-result.php of PHPGurukul User Registration & Login and User Management System 3.2. This vulnerability allows remote attackers to execute arbitrary HTML code via the searchkey parameter in a POST HTTP request...

CVE-2024-48283

Phpgurukul User Registration & Login and User Management System 3.2 is vulnerable to SQL Injection in /admin//search-result.php via the searchkey parameter...

CVE-2024-48279

PHPGurukul User Registration & Login and User Management System 3.2 has a HTML Injection vulnerability in /search-result.php. The searchkey parameter (POST) allows remote attackers to inject/execute arbitrary HTML. Root cause is not detailed beyond this; CVSS v3.1 vector indicates high impact wit...

CVE-2007-1240

CVE-2007-1240 involves multiple cross-site scripting (XSS) vulnerabilities in Docebo CMS 3.0.3 through 3.0.5. The flaws allow remote attackers to inject arbitrary web script or HTML via specific parameters: (1) searchkey to index.php, and (2) sn or (3) ri to modules/htmlframechat/index.php. The d...