4 matches found
CVE-2025-40687
SQL Injection in Online Fire Reporting System v1.2 by PHPGurukul. This vulnerability allows an attacker to retrieve, create, update and delete database via 'mobilenumber', 'teamleadname' and 'teammember' parameters in the endpoint '/ofrs/admin/add-team.php'...
CVE-2025-40693 Cross Site Scripting in PHPGurukul Online Fire Reporting System
Stored Cross Site Scripting in Online Fire Reporting System v1.2 by PHPGurukul, that consists in a reflected and stored authenticated XSS due to the lack of propper validation of user inputs 'tname' parameter via GET and, 'teamleadname', 'teammember' and 'teamname' parameters via POST at the...
Online Fire Reporting System SQL注入漏洞
Online Fire Reporting System is an online fire reporting system developed by Carlo Montero. A SQL injection vulnerability exists in Online Fire Reporting System version 1.2, which stems from incorrect manipulation of the parameters mobilenumber, teamleadname, and teammember in the file...
Online Fire Reporting System 跨站脚本漏洞
Online Fire Reporting System is an online fire reporting system developed by Carlo Montero, an individual developer. A cross-site scripting vulnerability exists in Online Fire Reporting System version 1.2, which stems from insufficient input validation of the GET parameter tname and the POST...