Lucene search
K
PhpgurukulE-diary Management System

15 matches found

CVE
CVE
added 2025/05/04 6:31 a.m.108 views

CVE-2025-4249

CVE-2025-4249 affects PHPGurukul e-Diary Management System 1.0, targeting the /manage-categories.php functionality. The root cause is an SQL injection caused by manipulation of the ID argument, with remote attack potential. Multiple sources confirm the vulnerability and public disclosure of explo...

9.8CVSS7.4AI score0.00432EPSS
CVE
CVE
added 2022/05/23 3:38 p.m.104 views

CVE-2022-29004

Diary Management System v1.0 is affected by a Cross-Site Scripting (XSS) vulnerability exploitable via the Name parameter in search-result.php. The Nuclei template (CVE-2022-29004) confirms the issue and describes impact as injection of malicious scripts leading to user-facing script execution, s...

6.1CVSS6AI score0.02806EPSS
CVE
CVE
added 2025/04/04 6:31 a.m.71 views

CVE-2025-3216

CVE-2025-3216 affects PHPGurukul e-Diary Management System 1.0, specifically the /password-recovery.php file. The vulnerability arises from unsafely handling the username and contactno parameters, enabling SQL injection. The issue is exploitable remotely and exploitation details have been publicl...

9.8CVSS7.6AI score0.00551EPSS
Web
CVE
CVE
added 2025/04/04 5:31 a.m.69 views

CVE-2025-3213

CVE-2025-3213 affects PHPGurukul e-Diary Management System 1.0. The vulnerability is in view-note.php?noteid=11 where the remark parameter enables SQL injection due to improper input validation. Exploitation appears remote (network vector) with potential data exposure. Multiple connected sources ...

9.8CVSS7.8AI score0.00514EPSS
CVE
CVE
added 2025/04/04 11:0 a.m.66 views

CVE-2025-3242

CVE-2025-3242 affects PHPGurukul e-Diary Management System 1.0, with a vulnerability in the file /search-result.php where manipulating the searchdata parameter enables SQL injection. The issue is exploitable remotely and has been publicly disclosed. Multiple connected sources reiterate that the a...

9.8CVSS6.8AI score0.00438EPSS
Web
CVE
CVE
added 2025/04/04 7:31 p.m.63 views

CVE-2025-3265

The CVE-2025-3265 entry affects PHPGurukul e-Diary Management System v1.0, specifically the code path handling the Category argument in /add-category.php. The vulnerability arises from improper handling of the Category parameter, enabling SQL injection via remote exploitation. Public disclosures ...

9.8CVSS7.6AI score0.00551EPSS
CVE
CVE
added 2025/05/10 5:0 p.m.63 views

CVE-2025-4508

Summary of findings for CVE-2025-4508 : The PHPGurukul e-Diary Management System (version 1.0) is affected by an SQL injection in the /my-profile.php file, triggered by manipulating the fname parameter. Multiple connected sources (CNVD/CNNVD, NVD/CVELIST, Red Hat advisories, and PT Security feed)...

9.8CVSS7.5AI score0.00432EPSS
CVE
CVE
added 2025/05/10 5:31 p.m.61 views

CVE-2025-4509

PHPGurukul e-Diary Management System 1.0 is affected by a SQL injection in /manage-notes.php via the ID parameter. The vulnerability allows remote attacker input manipulation, potentially leading to unauthorized data access or modification. Publicly disclosed exploits exist. Acknowledged mitigati...

9.8CVSS7.4AI score0.00432EPSS
CVE
CVE
added 2025/04/04 7:0 a.m.58 views

CVE-2025-3217

Summary: CVE-2025-3217 affects PHPGurukul e-Diary Management System 1.0, specifically the /registration.php file where the emailid parameter is unsafely used, causing SQL injection. Multiple connected sources confirm remote exploitation potential and public disclosure of exploits. Impact is descr...

9.8CVSS7.8AI score0.00514EPSS
CVE
CVE
added 2025/04/04 8:0 a.m.57 views

CVE-2025-3220

CVE-2025-3220 affects PHPGurukul e-Diary Management System v1.0. The vulnerability is caused by SQL injection in the dashboard.php file, triggered by manipulating the Category parameter. It is described as exploitable remotely, with the exploit publicly disclosed. Multiple sources corroborate an ...

9.8CVSS7.6AI score0.00514EPSS
CVE
CVE
added 2025/03/31 6:0 p.m.55 views

CVE-2025-3006

CVE-2025-3006 affects PHPGurukul e-Diary Management System 1.0. The vulnerability is a SQL injection in the file /edit-category.php?id=8, caused by unvalidated input in the Category parameter. Exploitation can be performed remotely and, per connected sources, the exploit has been disclosed public...

9.8CVSS7.6AI score0.00514EPSS
CVE
CVE
added 2025/04/04 12:0 a.m.55 views

CVE-2025-3187

CVE-2025-3187 affects PHPGurukul e-Diary Management System v1.0. The vulnerability is in the login.php file, where manipulation of the logindetail parameter leads to a SQL injection. Multiple connected documents describe remote-exploit potential and classify the issue as critical/high impact, wit...

9.8CVSS7.6AI score0.00514EPSS
CVE
CVE
added 2025/04/04 12:31 a.m.55 views

CVE-2025-3188

CVE-2025-3188 affects PHPGurukul e-Diary Management System 1.0. The vulnerability lies in the /add-notes.php file where manipulating the Category parameter enables SQL injection. Exploitation can be initiated remotely, and public disclosures exist across multiple sources, indicating active risk. ...

9.8CVSS7.7AI score0.00514EPSS
CVE
CVE
added 2025/07/28 12:0 a.m.26 views

CVE-2025-50486

CVE-2025-50486 affects PHPGurukul Car Rental Project, version 3.0. The vulnerability is due to improper session invalidation in the /carrental/update-password.php component, enabling session hijacking. Documented impact indicates potential control of a user session with high confidentiality impac...

7.1CVSS6.8AI score0.00322EPSS
CVE
CVE
added 2025/07/28 12:0 a.m.18 views

CVE-2025-50492

CVE-2025-50492 affects PHPGurukul e-Diary Management System v1, specifically the /edms/change-password.php component. The root cause is improper session invalidation, which can enable a session hijacking attack. Impact is exploitation of user sessions with high availability impact (per CVSS). Rem...

7.5CVSS6.7AI score0.00429EPSS