31 matches found
CVE-2024-12228
CVE-2024-12228 affects PHPGurukul Complaint Management System 1.0, specifically the /admin/user-search.php endpoint. The vulnerability arises from improper handling of the search parameter, allowing SQL injection through manipulation of the argument, with remote exploitation reported and public d...
CVE-2025-5660
CVE-2025-5660 affects PHPGurukul Complaint Management System 2.0, with a SQL injection in the /user/register-complaint.php file via the noc parameter. The issue arises from lack of input validation, enabling remote attacker-controlled SQL execution; exploitation is possible as the exploit has bee...
CVE-2024-13004
CVE-2024-13004 affects PHPGurukul Complaint Management System 1.0, specifically the /admin/category.php file. The root cause is improper handling of the state parameter, allowing an SQL injection via the manipulated input. This could enable remote attackers to exploit the vulnerability without us...
CVE-2025-5654
CVE-2025-5654 affects PHPGurukul Complaint Management System 2.0, specifically the /admin/edit-state.php functionality. The vulnerability is a SQL injection caused by unsafely handling the description parameter, which can be exploited remotely and has been publicly disclosed. Impact is high (pote...
CVE-2025-5655
CVE-2025-5655 affects PHPGurukul Complaint Management System 2.0, with SQL injection in the /admin/edit-subcategory.php file via the subcategory parameter. Public disclosures and multiple feeds confirm remote exploitation potential and reliance on unsanitized input in the subcategory parameter. T...
CVE-2025-5657
Summary of CVE-2025-5657 : A critical SQL injection vulnerability exists in PHPGurukul Complaint Management System 2.0, affecting the file /admin/manage-users.php where the uid parameter can be manipulated to execute arbitrary SQL. The issue is exploitable remotely, and multiple connected sources...
CVE-2024-12977
The CVE-2024-12977 entry concerns PHPGurukul Complaint Management System 1.0. A SQL injection affects an unknown portion of /admin/state.php via the state parameter. The issue can be exploited remotely and exploits have been disclosed publicly. Sources consistently describe this as a critical vul...
CVE-2024-11967
The CVE-2024-11967 entry describes a SQL injection in PHPGurukul Complaint Management System 1.0, caused by an injectable parameter in /admin/reset-password.php (email). The vulnerability is exploitable remotely and is stated to have a publicly disclosed exploit. Connected sources consistently id...
CVE-2024-12229
CVE-2024-12229 affects PHPGurukul Complaint Management System 1.0. The vulnerability is a SQL injection in the unknown-functionality of the file /admin/complaint-search.php caused by manipulating the search argument. It is exploitable remotely, and public exploits have been disclosed. Several sou...
CVE-2025-5652
PHPGurukul Complaint Management System 2.0 contains a SQL injection vulnerability in the /admin/between-date-complaintreport.php file, triggered by unsafely handling the fromdate/todate parameters. Attackers can remotely exploit this flaw; exploits have been disclosed publicly per multiple source...
CVE-2025-5653
CVE-2025-5653 details a SQL injection in PHPGurukul Complaint Management System 2.0 via /admin/between-date-userreport.php, caused by manipulation of the fromdate/todate parameters. Affected functionality is unknown, but exploitation can be remote and has been publicly disclosed. Multiple connect...
CVE-2024-11964
PHPGurukul Complaint Management system 1.0 contains a SQL injection vulnerability in /user/index.php via the emailid parameter. Exploitation can be performed remotely; multiple sources confirm this issue and disclose exploit details. Affected component is the index.php handler for emailid; root c...
CVE-2025-5658
PHPGurukul Complaint Management System 2.0 exposes a SQL injection in /admin/updatecomplaint.php via the Status parameter. The root cause is unsanitized/external input in that argument, enabling remote exploitation (exploit disclosed). Responsible remediation/status: no official patch details in ...
CVE-2024-11965
PHPGurukul Complaint Management System 1.0 contains a SQL injection in /user/reset-password.php via the email parameter. The issue is exploitable remotely and classified as critical; multiple sources confirm a remote exploitable path with potential impact to confidentiality/integrity/availability...
CVE-2025-5656
Summary (CVE-2025-5656): PHPGurukul Complaint Management System 2.0 has a SQL injection in /admin/edit-category.php triggered by manipulating the description parameter. The flaw is exploitable remotely and has been disclosed. The connected sources corroborate the vulnerability and its critical/hi...
CVE-2024-11966
PHPGurukul Complaint Management System 1.0 contains a SQL injection in /admin/index.php, triggered by the username parameter. The issue is described as critical with potential remote access. Connected documents corroborate the vulnerability's existence, variant wording across multiple feeds, and ...
CVE-2024-12230
CVE-2024-12230 affects PHPGurukul Complaint Management System 1.0. The vulnerability is a SQL injection in the file /admin/subcategory.php, caused by improper manipulation of the category parameter. The issue is exploitable remotely and an exploit has been disclosed publicly. Multiple connected s...
CVE-2025-5659
CVE-2025-5659 is a SQL injection vulnerability in PHPGurukul Complaint Management System 2.0. The issue affects an unknown functionality in the file /user/profile.php where the pincode parameter is unsafely handled, enabling arbitrary SQL execution. Exploitation is remote and the exploit has been...
CVE-2025-4761
CVE-2025-4761 affects the PHPGurukul Complaint Management System 2.0, with the vulnerability located in the file /admin/admin-profile.php. The issue is an SQL injection triggered by manipulating the argument mobilenumber . Descriptions consistently indicate the vulnerability can be exploited remo...
CVE-2025-7802
PHPGurukul Complaint Management System 2.0 contains a cross-site scripting vulnerability in the /admin/complaint-search.php file. Attackers can manipulate the Search parameter to inject arbitrary script, with the advisory indicating remote exploitation and that the exploit has been disclosed publ...
CVE-2025-7834
The vulnerability CVE-2025-7834 affects PHPGurukul Complaint Management System 2.0. Technical details from PT-2025-30144 indicate a cross-site request forgery due to manipulation of an unknown function, enabling remote abuse and with the exploit publicly disclosed. The available connected documen...
CVE-2024-44655
CVE-2024-44655 affects PHPGurukul Complaint Management System 2.0. A stored/reflected XSS in the search parameter of user-search.php enables execution of arbitrary scripts when exploited. Documented impact includes script injection affecting users; CVSS 3.1 base score 6.1 (Medium) with network at...
CVE-2025-57146
CVE-2025-57146 affects the phpgurukul Complaint Management System in PHP 2.0. The vulnerability is a SQL injection in the file/endpoint user/reset-password.php via the mobileno parameter, caused by lack of input validation. This can allow an attacker to manipulate SQL and potentially access sensi...
CVE-2025-57150
The CVE-2025-57150 entry affects the phpgurukul Complaint Management System in PHP 2.0, with vulnerability in the admin/subcategory.php file via the categoryName parameter that enables Cross-Site Scripting (XSS). Root cause per connected sources is insufficient filtering/escaping of user-supplied...
CVE-2025-57147
CVE-2025-57147 affects the phpgurukul Complaint Management System 2.0. The vulnerability is in the user/registration.php flow where input validation is missing for multiple parameters (fullname, email, contactno), enabling a SQL Injection . The sourced details indicate a high impact on confidenti...
CVE-2024-44657
PHPGurukul Complaint Management System 2.0 is affected by a SQL Injection vulnerability in the between-date-userreport.php file, caused by lack of validation for the fromdate and todate parameters. The root cause is unsanitized input that can allow unauthorized SQL execution and data access/modif...
CVE-2025-57151
CVE-2025-57151 affects phpgurukul Complaint Management System 2.0. The vulnerability is a reflected/stored Cross-Site Scripting (XSS) in admin/userprofile.php triggered via the fullname parameter due to insufficient filtering/escaping of user-supplied data. CVSSv3.1 base score 8.8 (HIGH) with net...
CVE-2024-46335
PHPGurukul Complaint Management System 2.0 is vulnerable to Cross-Site Scripting (XSS) in the between-date-userreport.php script, via the fromdate and todate parameters. The root cause, as described across multiple reports, is lack of proper filtering/escaping of user-supplied data, enabling inje...
CVE-2025-57149
CVE-2025-57149 affects the phpgurukul Complaint Management System 2.0. The vulnerability is an SQL Injection in the file /complaint-details.php through the cid parameter, with root cause described as lack of validation/unsafe handling of SQL statements in that parameter. The CVSS 3.1 base score i...
CVE-2024-44654
CVE-2024-44654 affects PHPGurukul Complaint Management System 2.0. The vulnerability is a SQL Injection in reset-password.php via the email and mobileno parameters, due to improper validation/handling of externally supplied SQL statements. The impact stated across sources is potential unauthorize...
CVE-2024-44658
CVE-2024-44658 affects PHPGurukul Complaint Management System 2.0, due to a SQL Injection flaw in subcategory.php exposed through the subcategory and category parameters. The root cause is lack of input validation for externally supplied SQL statements, enabling attackers to manipulate queries an...