Lucene search
+L
PhpgurukulComplaint Management System

31 matches found

CVE
CVE
added 2024/12/05 1:31 p.m.843 views

CVE-2024-12228

CVE-2024-12228 affects PHPGurukul Complaint Management System 1.0, specifically the /admin/user-search.php endpoint. The vulnerability arises from improper handling of the search parameter, allowing SQL injection through manipulation of the argument, with remote exploitation reported and public d...

9.8CVSS7.6AI score0.00663EPSS
Web
CVE
CVE
added 2025/06/05 1:0 p.m.70 views

CVE-2025-5660

CVE-2025-5660 affects PHPGurukul Complaint Management System 2.0, with a SQL injection in the /user/register-complaint.php file via the noc parameter. The issue arises from lack of input validation, enabling remote attacker-controlled SQL execution; exploitation is possible as the exploit has bee...

8.8CVSS6.8AI score0.0037EPSS
Web
CVE
CVE
added 2024/12/29 6:31 a.m.66 views

CVE-2024-13004

CVE-2024-13004 affects PHPGurukul Complaint Management System 1.0, specifically the /admin/category.php file. The root cause is improper handling of the state parameter, allowing an SQL injection via the manipulated input. This could enable remote attackers to exploit the vulnerability without us...

9.8CVSS7.5AI score0.00735EPSS
Web
CVE
CVE
added 2025/06/05 11:0 a.m.62 views

CVE-2025-5654

CVE-2025-5654 affects PHPGurukul Complaint Management System 2.0, specifically the /admin/edit-state.php functionality. The vulnerability is a SQL injection caused by unsafely handling the description parameter, which can be exploited remotely and has been publicly disclosed. Impact is high (pote...

8.8CVSS6.8AI score0.00325EPSS
Web
CVE
CVE
added 2025/06/05 11:0 a.m.59 views

CVE-2025-5655

CVE-2025-5655 affects PHPGurukul Complaint Management System 2.0, with SQL injection in the /admin/edit-subcategory.php file via the subcategory parameter. Public disclosures and multiple feeds confirm remote exploitation potential and reliance on unsanitized input in the subcategory parameter. T...

8.8CVSS6.8AI score0.00325EPSS
Web
CVE
CVE
added 2025/06/05 12:0 p.m.59 views

CVE-2025-5657

Summary of CVE-2025-5657 : A critical SQL injection vulnerability exists in PHPGurukul Complaint Management System 2.0, affecting the file /admin/manage-users.php where the uid parameter can be manipulated to execute arbitrary SQL. The issue is exploitable remotely, and multiple connected sources...

8.8CVSS7.3AI score0.00325EPSS
Web
CVE
CVE
added 2024/12/27 1:31 a.m.58 views

CVE-2024-12977

The CVE-2024-12977 entry concerns PHPGurukul Complaint Management System 1.0. A SQL injection affects an unknown portion of /admin/state.php via the state parameter. The issue can be exploited remotely and exploits have been disclosed publicly. Sources consistently describe this as a critical vul...

9.8CVSS6.8AI score0.00539EPSS
Web
CVE
CVE
added 2024/11/28 6:0 p.m.57 views

CVE-2024-11967

The CVE-2024-11967 entry describes a SQL injection in PHPGurukul Complaint Management System 1.0, caused by an injectable parameter in /admin/reset-password.php (email). The vulnerability is exploitable remotely and is stated to have a publicly disclosed exploit. Connected sources consistently id...

9.8CVSS7.5AI score0.00724EPSS
Web
CVE
CVE
added 2024/12/05 2:31 p.m.57 views

CVE-2024-12229

CVE-2024-12229 affects PHPGurukul Complaint Management System 1.0. The vulnerability is a SQL injection in the unknown-functionality of the file /admin/complaint-search.php caused by manipulating the search argument. It is exploitable remotely, and public exploits have been disclosed. Several sou...

9.8CVSS7.5AI score0.00663EPSS
Web
CVE
CVE
added 2025/06/05 10:0 a.m.57 views

CVE-2025-5652

PHPGurukul Complaint Management System 2.0 contains a SQL injection vulnerability in the /admin/between-date-complaintreport.php file, triggered by unsafely handling the fromdate/todate parameters. Attackers can remotely exploit this flaw; exploits have been disclosed publicly per multiple source...

8.8CVSS7.4AI score0.0037EPSS
Web
CVE
CVE
added 2025/06/05 10:31 a.m.56 views

CVE-2025-5653

CVE-2025-5653 details a SQL injection in PHPGurukul Complaint Management System 2.0 via /admin/between-date-userreport.php, caused by manipulation of the fromdate/todate parameters. Affected functionality is unknown, but exploitation can be remote and has been publicly disclosed. Multiple connect...

8.8CVSS6.9AI score0.00325EPSS
Web
CVE
CVE
added 2024/11/28 5:0 p.m.55 views

CVE-2024-11964

PHPGurukul Complaint Management system 1.0 contains a SQL injection vulnerability in /user/index.php via the emailid parameter. Exploitation can be performed remotely; multiple sources confirm this issue and disclose exploit details. Affected component is the index.php handler for emailid; root c...

9.8CVSS7.5AI score0.00827EPSS
Web
CVE
CVE
added 2025/06/05 12:31 p.m.55 views

CVE-2025-5658

PHPGurukul Complaint Management System 2.0 exposes a SQL injection in /admin/updatecomplaint.php via the Status parameter. The root cause is unsanitized/external input in that argument, enabling remote exploitation (exploit disclosed). Responsible remediation/status: no official patch details in ...

8.8CVSS6.9AI score0.00325EPSS
Web
CVE
CVE
added 2024/11/28 5:0 p.m.54 views

CVE-2024-11965

PHPGurukul Complaint Management System 1.0 contains a SQL injection in /user/reset-password.php via the email parameter. The issue is exploitable remotely and classified as critical; multiple sources confirm a remote exploitable path with potential impact to confidentiality/integrity/availability...

9.8CVSS7.5AI score0.00827EPSS
Web
CVE
CVE
added 2025/06/05 11:31 a.m.54 views

CVE-2025-5656

Summary (CVE-2025-5656): PHPGurukul Complaint Management System 2.0 has a SQL injection in /admin/edit-category.php triggered by manipulating the description parameter. The flaw is exploitable remotely and has been disclosed. The connected sources corroborate the vulnerability and its critical/hi...

8.8CVSS6.8AI score0.00325EPSS
Web
CVE
CVE
added 2024/11/28 5:31 p.m.52 views

CVE-2024-11966

PHPGurukul Complaint Management System 1.0 contains a SQL injection in /admin/index.php, triggered by the username parameter. The issue is described as critical with potential remote access. Connected documents corroborate the vulnerability's existence, variant wording across multiple feeds, and ...

9.8CVSS7.5AI score0.00827EPSS
Web
CVE
CVE
added 2024/12/05 2:31 p.m.52 views

CVE-2024-12230

CVE-2024-12230 affects PHPGurukul Complaint Management System 1.0. The vulnerability is a SQL injection in the file /admin/subcategory.php, caused by improper manipulation of the category parameter. The issue is exploitable remotely and an exploit has been disclosed publicly. Multiple connected s...

9.8CVSS7.4AI score0.00663EPSS
Web
CVE
CVE
added 2025/06/05 1:0 p.m.49 views

CVE-2025-5659

CVE-2025-5659 is a SQL injection vulnerability in PHPGurukul Complaint Management System 2.0. The issue affects an unknown functionality in the file /user/profile.php where the pincode parameter is unsafely handled, enabling arbitrary SQL execution. Exploitation is remote and the exploit has been...

8.8CVSS6.9AI score0.0037EPSS
Web
CVE
CVE
added 2025/05/16 8:0 a.m.33 views

CVE-2025-4761

CVE-2025-4761 affects the PHPGurukul Complaint Management System 2.0, with the vulnerability located in the file /admin/admin-profile.php. The issue is an SQL injection triggered by manipulating the argument mobilenumber . Descriptions consistently indicate the vulnerability can be exploited remo...

9.8CVSS7.8AI score0.00414EPSS
Web
CVE
CVE
added 2025/07/18 7:2 p.m.27 views

CVE-2025-7802

PHPGurukul Complaint Management System 2.0 contains a cross-site scripting vulnerability in the /admin/complaint-search.php file. Attackers can manipulate the Search parameter to inject arbitrary script, with the advisory indicating remote exploitation and that the exploit has been disclosed publ...

5.4CVSS3.8AI score0.00234EPSS
Web
CVE
CVE
added 2025/07/19 4:2 p.m.25 views

CVE-2025-7834

The vulnerability CVE-2025-7834 affects PHPGurukul Complaint Management System 2.0. Technical details from PT-2025-30144 indicate a cross-site request forgery due to manipulation of an unknown function, enabling remote abuse and with the exploit publicly disclosed. The available connected documen...

5.3CVSS4.7AI score0.00218EPSS
CVE
CVE
added 2025/11/17 12:0 a.m.24 views

CVE-2024-44655

CVE-2024-44655 affects PHPGurukul Complaint Management System 2.0. A stored/reflected XSS in the search parameter of user-search.php enables execution of arbitrary scripts when exploited. Documented impact includes script injection affecting users; CVSS 3.1 base score 6.1 (Medium) with network at...

6.1CVSS5.8AI score0.0022EPSS
CVE
CVE
added 2025/09/03 12:0 a.m.21 views

CVE-2025-57146

CVE-2025-57146 affects the phpgurukul Complaint Management System in PHP 2.0. The vulnerability is a SQL injection in the file/endpoint user/reset-password.php via the mobileno parameter, caused by lack of input validation. This can allow an attacker to manipulate SQL and potentially access sensi...

8.1CVSS7.6AI score0.0041EPSS
Web
CVE
CVE
added 2025/09/03 12:0 a.m.20 views

CVE-2025-57150

The CVE-2025-57150 entry affects the phpgurukul Complaint Management System in PHP 2.0, with vulnerability in the admin/subcategory.php file via the categoryName parameter that enables Cross-Site Scripting (XSS). Root cause per connected sources is insufficient filtering/escaping of user-supplied...

7.2CVSS5.8AI score0.00584EPSS
Web
CVE
CVE
added 2025/09/03 12:0 a.m.19 views

CVE-2025-57147

CVE-2025-57147 affects the phpgurukul Complaint Management System 2.0. The vulnerability is in the user/registration.php flow where input validation is missing for multiple parameters (fullname, email, contactno), enabling a SQL Injection . The sourced details indicate a high impact on confidenti...

7.5CVSS7.4AI score0.00451EPSS
Web
CVE
CVE
added 2025/11/17 12:0 a.m.18 views

CVE-2024-44657

PHPGurukul Complaint Management System 2.0 is affected by a SQL Injection vulnerability in the between-date-userreport.php file, caused by lack of validation for the fromdate and todate parameters. The root cause is unsanitized input that can allow unauthorized SQL execution and data access/modif...

6.5CVSS7.6AI score0.00235EPSS
CVE
CVE
added 2025/09/03 12:0 a.m.18 views

CVE-2025-57151

CVE-2025-57151 affects phpgurukul Complaint Management System 2.0. The vulnerability is a reflected/stored Cross-Site Scripting (XSS) in admin/userprofile.php triggered via the fullname parameter due to insufficient filtering/escaping of user-supplied data. CVSSv3.1 base score 8.8 (HIGH) with net...

8.8CVSS5.7AI score0.00561EPSS
Web
CVE
CVE
added 2025/11/17 12:0 a.m.14 views

CVE-2024-46335

PHPGurukul Complaint Management System 2.0 is vulnerable to Cross-Site Scripting (XSS) in the between-date-userreport.php script, via the fromdate and todate parameters. The root cause, as described across multiple reports, is lack of proper filtering/escaping of user-supplied data, enabling inje...

4.6CVSS5.8AI score0.00197EPSS
CVE
CVE
added 2025/09/03 12:0 a.m.14 views

CVE-2025-57149

CVE-2025-57149 affects the phpgurukul Complaint Management System 2.0. The vulnerability is an SQL Injection in the file /complaint-details.php through the cid parameter, with root cause described as lack of validation/unsafe handling of SQL statements in that parameter. The CVSS 3.1 base score i...

6.5CVSS7.5AI score0.004EPSS
CVE
CVE
added 2025/11/17 12:0 a.m.13 views

CVE-2024-44654

CVE-2024-44654 affects PHPGurukul Complaint Management System 2.0. The vulnerability is a SQL Injection in reset-password.php via the email and mobileno parameters, due to improper validation/handling of externally supplied SQL statements. The impact stated across sources is potential unauthorize...

6.5CVSS7.6AI score0.00235EPSS
CVE
CVE
added 2025/11/17 12:0 a.m.12 views

CVE-2024-44658

CVE-2024-44658 affects PHPGurukul Complaint Management System 2.0, due to a SQL Injection flaw in subcategory.php exposed through the subcategory and category parameters. The root cause is lack of input validation for externally supplied SQL statements, enabling attackers to manipulate queries an...

6.5CVSS7.6AI score0.00235EPSS