Client Management System@1.1 Security Vulnerabilities and Issues — Client Management System@1.1 CVE List

Lucene search

PhpgurukulClient Management System1.1

6 matches found

CVE•added 2024/04/17 6:15 p.m.•54 views

CVE-2024-30985

SQL Injection vulnerability in "B/W Dates Reports" page in phpgurukul Client Management System using PHP & MySQL 1.1 allows attacker to execute arbitrary SQL commands via "todate" and "fromdate" parameters.

9.8CVSS8.7AI score0.00111EPSS

CVE•added 2024/04/17 6:15 p.m.•51 views

CVE-2024-30987

Cross Site Scripting vulnerability in /bwdates-reports-ds.php of phpgurukul Client Management System using PHP & MySQL 1.1 allows attackers to execute arbitrary code and obtain sensitive information via the fromdate and todate parameters.

6.8CVSS7AI score0.00112EPSS

CVE•added 2024/04/17 7:15 p.m.•49 views

CVE-2024-30990

SQL Injection vulnerability in the "Invoices" page in phpgurukul Client Management System using PHP & MySQL 1.1 allows attacker to execute arbitrary SQL commands via "searchdata" parameter.

9.8CVSS8.7AI score0.00111EPSS

CVE•added 2024/04/17 7:15 p.m.•48 views

CVE-2024-30989

Cross Site Scripting vulnerability in /edit-client-details.php of phpgurukul Client Management System using PHP & MySQL 1.1 allows attackers to execute arbitrary code via the "cname", "comname", "state" and "city" parameter.

5.4CVSS7.3AI score0.00165EPSS

CVE•added 2024/04/17 6:15 p.m.•46 views

CVE-2024-30986

Cross Site Scripting vulnerability in /edit-services-details.php of phpgurukul Client Management System using PHP & MySQL 1.1 allows attackers to execute arbitrary code and via "price" and "sname" parameter.

6.5CVSS7.3AI score0.00112EPSS

CVE•added 2024/04/17 6:15 p.m.•43 views

CVE-2024-30988

Cross Site Scripting vulnerability in /search-invoices.php of phpgurukul Client Management System using PHP & MySQL 1.1 allows attackers to execute arbitrary code and obtain sensitive information via the Search bar.

6.8CVSS7AI score0.00112EPSS