Lucene search
K
PhpgurukulDirectory Management System

17 matches found

CVE
CVE
added 2022/05/11 1:8 p.m.89 views

CVE-2022-29006

Summary (CVE-2022-29006) : Directory Management System 1.0 contains multiple SQL injection vulnerabilities in the Admin panel via the username and password parameters, enabling an attacker to bypass authentication. The Nuclei template and related entries describe exploitation that could lead to s...

9.8CVSS10AI score0.19478EPSS
CVE
CVE
added 2024/05/20 8:31 a.m.78 views

CVE-2024-5135

The CVE-2024-5135 entry concerns PHPGurukul Directory Management System v1.0, where a SQL injection is possible in /admin/index.php via the username parameter. The vulnerability can be triggered remotely and an exploit has been publicly disclosed. Public documents corroborate this as a directory ...

9.8CVSS7.3AI score0.00698EPSS
Web
CVE
CVE
added 2022/06/16 4:46 p.m.74 views

CVE-2022-31382

Directory Management System v1.0 contains a SQL injection vulnerability in the search-dirctory.php component, exploitable via the searchdata parameter. This is the root cause described across multiple sources (CVE-2022-31382). Impact details are limited to the SQLi risk; CVSS scores in the cited ...

9.8CVSS9.8AI score0.01644EPSS
CVE
CVE
added 2022/06/16 4:37 p.m.71 views

CVE-2022-31384

CVE-2022-31384 affects Directory Management System v1.0, with a SQL injection vulnerability in add-directory.php exploitable via the fullname parameter due to insufficient input validation. Affected component is the add-directory.php endpoint; the issue enables arbitrary SQL execution and potenti...

9.8CVSS9.8AI score0.01644EPSS
CVE
CVE
added 2024/05/20 9:0 a.m.71 views

CVE-2024-5136

CVE-2024-5136 affects PHPGurukul Directory Management System 1.0. The vulnerability is in an unknown function within /admin/search-directory.php, enabling cross-site scripting. Impact is limited to a client-side compromise via XSS; exploitation can be remote and a public exploit exists. Multiple ...

5.1CVSS6.2AI score0.00473EPSS
CVE
CVE
added 2022/06/16 4:41 p.m.64 views

CVE-2022-31383

Directory Management System v1.0 is affected by a SQL injection vulnerability triggered via the editid parameter in view-directory.php. The issue is consistently described across multiple sources as an SQL injection originating from the editid input, enabling arbitrary SQL execution. The CVE-2022...

9.8CVSS9.8AI score0.01644EPSS
CVE
CVE
added 2025/04/30 12:0 a.m.61 views

CVE-2025-45021

Affected software: PHPGurukul Directory Management System v2.0 (admin/edit-directory.php). Vulnerability: SQL Injection via the POST parameter “email,” enabling arbitrary SQL execution. Root cause / vector: Improper handling of the email parameter in admin/edit-directory.php (SQLi). Impact (as st...

5.3CVSS8AI score0.00185EPSS
Web
CVE
CVE
added 2024/05/20 9:31 a.m.59 views

CVE-2024-5137

CVE-2024-5137 affects PHPGurukul Directory Management System 1.0. The issue is in the /admin/admin-profile.php file of the Searchbar component, where input manipulation leads to cross-site scripting. The vulnerability can be exploited remotely, and the exploit has been disclosed publicly (VDB-265...

5.1CVSS6.2AI score0.00473EPSS
CVE
CVE
added 2025/05/18 6:0 a.m.44 views

CVE-2025-4862

The CVE-2025-4862 entry concerns PHPGurukul Directory Management System 2.0. Affected is unknown functionality in /searchdata.php where manipulating the searchdata argument triggers cross-site scripting. Root cause cited across sources is inadequate filtering/escaping of user-supplied data in par...

6.1CVSS4.4AI score0.00389EPSS
CVE
CVE
added 2025/05/15 1:0 p.m.42 views

CVE-2025-4697

CVE-2025-4697 affects PHPGurukul Directory Management System 2.0. The vulnerability is in the file /admin/edit-directory.php where the argument editid is unsafely used, enabling SQL injection. This could allow an attacker to remotely exploit and potentially exfiltrate data or alter the database, ...

9.8CVSS7.4AI score0.00421EPSS
Web
CVE
CVE
added 2025/05/15 2:0 p.m.40 views

CVE-2025-4698

The CVE-2025-4698 entry concerns PHPGurukul Directory Management System 2.0. A SQL injection vulnerability exists in the /admin/forget-password.php file, exploitable by manipulating the email parameter. This vulnerability is remote-exploitable and is described across multiple sources as critical/...

9.8CVSS7.6AI score0.00421EPSS
Web
CVE
CVE
added 2025/06/20 10:0 a.m.30 views

CVE-2025-6330

The CVE-2025-6330 entry concerns PHPGurukul Directory Management System 1.0 with a SQL injection in /searchdata.php via the searchdata parameter. Connected documents confirm remote exploitation and public disclosure, caused by lack of input validation in an unknown function of that file. Impact i...

9.8CVSS7.5AI score0.00399EPSS
CVE
CVE
added 2025/06/20 10:0 a.m.30 views

CVE-2025-6331

CVE-2025-6331 affects PHPGurukul Directory Management System v1.0. The vulnerability is an SQL injection in the /admin/search-directory.php endpoint, caused by unsafely handling the searchdata parameter. The issue can be exploited remotely and the exploit has been publicly disclosed, potentially ...

8.8CVSS6.8AI score0.00325EPSS
Web
CVE
CVE
added 2025/06/20 10:31 a.m.23 views

CVE-2025-6333

PHPGurukul Directory Management System 2.0 contains a SQL injection in /admin/admin-profile.php via the adminname parameter. Exploitation is remote; multiple sources describe the issue as critical with potential to access or corrupt data. Connected documents consistently identify the vulnerabilit...

8.8CVSS6.8AI score0.00325EPSS
Web
CVE
CVE
added 2025/06/20 10:31 a.m.22 views

CVE-2025-6332

The CVE-2025-6332 entry concerns PHPGurukul Directory Management System 2.0. Affects the file /admin/manage-directory.php, where manipulation of the del parameter enables SQL injection due to insufficient input validation. This vulnerability can be exploited remotely, with public exploit disclosu...

8.8CVSS6.7AI score0.00325EPSS
Web
CVE
CVE
added 2026/01/19 3:32 p.m.16 views

CVE-2026-1160

CVE-2026-1160 affects PHPGurukul Directory Management System 1.0. The vulnerability is an SQL injection in the Search component, specifically the /index.php handling of the searchdata argument. The affected element is an unknown function within Search; exploitation can be remote and the exploit h...

9.8CVSS5.5AI score0.00326EPSS
CVE
CVE
added 2025/08/29 3:32 p.m.13 views

CVE-2025-9656

PHPGurukul Directory Management System 2.0 contains a cross-site scripting vulnerability in the file /admin/add-directory.php. The issue arises from unsafely manipulating the fullname parameter, enabling remote attacker-triggered script execution. The vulnerability is publicly disclosed and can b...

6.1CVSS5.6AI score0.0032EPSS
Web