15 matches found
CVE-2025-4249
CVE-2025-4249 affects PHPGurukul e-Diary Management System 1.0, targeting the /manage-categories.php functionality. The root cause is an SQL injection caused by manipulation of the ID argument, with remote attack potential. Multiple sources confirm the vulnerability and public disclosure of explo...
CVE-2022-29004
Diary Management System v1.0 is affected by a Cross-Site Scripting (XSS) vulnerability exploitable via the Name parameter in search-result.php. The Nuclei template (CVE-2022-29004) confirms the issue and describes impact as injection of malicious scripts leading to user-facing script execution, s...
CVE-2025-3216
CVE-2025-3216 affects PHPGurukul e-Diary Management System 1.0, specifically the /password-recovery.php file. The vulnerability arises from unsafely handling the username and contactno parameters, enabling SQL injection. The issue is exploitable remotely and exploitation details have been publicl...
CVE-2025-3213
CVE-2025-3213 affects PHPGurukul e-Diary Management System 1.0. The vulnerability is in view-note.php?noteid=11 where the remark parameter enables SQL injection due to improper input validation. Exploitation appears remote (network vector) with potential data exposure. Multiple connected sources ...
CVE-2025-3242
CVE-2025-3242 affects PHPGurukul e-Diary Management System 1.0, with a vulnerability in the file /search-result.php where manipulating the searchdata parameter enables SQL injection. The issue is exploitable remotely and has been publicly disclosed. Multiple connected sources reiterate that the a...
CVE-2025-3265
The CVE-2025-3265 entry affects PHPGurukul e-Diary Management System v1.0, specifically the code path handling the Category argument in /add-category.php. The vulnerability arises from improper handling of the Category parameter, enabling SQL injection via remote exploitation. Public disclosures ...
CVE-2025-4508
Summary of findings for CVE-2025-4508 : The PHPGurukul e-Diary Management System (version 1.0) is affected by an SQL injection in the /my-profile.php file, triggered by manipulating the fname parameter. Multiple connected sources (CNVD/CNNVD, NVD/CVELIST, Red Hat advisories, and PT Security feed)...
CVE-2025-4509
PHPGurukul e-Diary Management System 1.0 is affected by a SQL injection in /manage-notes.php via the ID parameter. The vulnerability allows remote attacker input manipulation, potentially leading to unauthorized data access or modification. Publicly disclosed exploits exist. Acknowledged mitigati...
CVE-2025-3217
Summary: CVE-2025-3217 affects PHPGurukul e-Diary Management System 1.0, specifically the /registration.php file where the emailid parameter is unsafely used, causing SQL injection. Multiple connected sources confirm remote exploitation potential and public disclosure of exploits. Impact is descr...
CVE-2025-3220
CVE-2025-3220 affects PHPGurukul e-Diary Management System v1.0. The vulnerability is caused by SQL injection in the dashboard.php file, triggered by manipulating the Category parameter. It is described as exploitable remotely, with the exploit publicly disclosed. Multiple sources corroborate an ...
CVE-2025-3006
CVE-2025-3006 affects PHPGurukul e-Diary Management System 1.0. The vulnerability is a SQL injection in the file /edit-category.php?id=8, caused by unvalidated input in the Category parameter. Exploitation can be performed remotely and, per connected sources, the exploit has been disclosed public...
CVE-2025-3187
CVE-2025-3187 affects PHPGurukul e-Diary Management System v1.0. The vulnerability is in the login.php file, where manipulation of the logindetail parameter leads to a SQL injection. Multiple connected documents describe remote-exploit potential and classify the issue as critical/high impact, wit...
CVE-2025-3188
CVE-2025-3188 affects PHPGurukul e-Diary Management System 1.0. The vulnerability lies in the /add-notes.php file where manipulating the Category parameter enables SQL injection. Exploitation can be initiated remotely, and public disclosures exist across multiple sources, indicating active risk. ...
CVE-2025-50486
CVE-2025-50486 affects PHPGurukul Car Rental Project, version 3.0. The vulnerability is due to improper session invalidation in the /carrental/update-password.php component, enabling session hijacking. Documented impact indicates potential control of a user session with high confidentiality impac...
CVE-2025-50492
CVE-2025-50492 affects PHPGurukul e-Diary Management System v1, specifically the /edms/change-password.php component. The root cause is improper session invalidation, which can enable a session hijacking attack. Impact is exploitation of user sessions with high availability impact (per CVSS). Rem...