21 matches found
CVE-2023-33338
CVE-2023-33338 refers to the Old Age Home Management System v1.0, where the username parameter is vulnerable to SQL Injection (CWE-89). The issue allows an attacker to execute arbitrary SQL queries, potentially leading to unauthorized access, data leakage or data manipulation, with CVSS v3.1 metr...
CVE-2025-2739
The CVE-2025-2739 entry is supported by connected documents showing a SQL injection in PHPGurukul Old Age Home Management System 1.0, originating from manipulation of the sertitle parameter in /admin/manage-services.php. The vulnerability is exploitable remotely and affects unknown processing pat...
CVE-2025-3258
CVE-2025-3258 affects PHPGurukul Old Age Home Management System 1.0. The vulnerability is in the unknown code path of /search.php where manipulating the argument searchdata leads to an SQL injection. Exploitation can be performed remotely, and public disclosures exist. The CVE is described as cri...
CVE-2025-2740
The CVE-2025-2740 entry affects PHPGurukul Old Age Home Management System 1.0. Affected is an unknown function in the file /admin/eligibility.php where manipulation of the pagetitle argument leads to an SQL injection. The vulnerability is exploitable remotely, and public disclosures exist. The co...
CVE-2025-3350
CVE-2025-3350 affects PHPGurukul Old Age Home Management System 1.0, with a SQL injection in the /admin/view-enquiry.php file caused by unsafely manipulating the viewid parameter. Attackers can exploit remotely; multiple sources note the exploit has been disclosed publicly. The available records ...
CVE-2025-3352
CVE-2025-3352 affects PHPGurukul Old Age Home Management System 1.0. The issue is an SQL injection in the /admin/edit-scdetails.php file triggered by manipulating the contnum argument. Multiple connected sources confirm remote exploitation potential and public disclosure of exploits. The impact i...
CVE-2025-2735
CVE-2025-2735 affects PHPGurukul Old Age Home Management System v1.0. The vulnerability is an SQL injection in /admin/add-services.php via the sertitle parameter, exploitable remotely. Public exploit details exist; impact is high (confidentiality, integrity, availability). Root cause is improper ...
CVE-2025-2737
CVE-2025-2737 affects PHPGurukul Old Age Home Management System 1.0. The vulnerability is an SQL injection in the /admin/contactus.php page achieved by manipulating the pagetitle parameter. It is described as remote-exploitable and the exploit has been publicly disclosed. No remediation or affect...
CVE-2025-2734
CVE-2025-2734 affects PHPGurukul Old Age Home Management System 1.0. The issue is an injection in an unknown function of /admin/aboutus.php where the pagetitle parameter is manipulated, leading to SQL injection. Attacks can be launched remotely, and the vulnerability is publicly disclosed. Multip...
CVE-2025-3235
CVE-2025-3235 affects PHPGurukul Old Age Home Management System 1.0. The vulnerable component is the file /admin/profile.php, where manipulation of the parameters adminname and contactnumber leads to SQL injection. The issue is exploitable remotely, and exploitation has been publicly disclosed. S...
CVE-2025-2738
CVE-2025-2738 affects PHPGurukul Old Age Home Management System 1.0. A SQL injection vulnerability arises from improper handling of the namesc parameter in /admin/manage-scdetails.php, enabling remote attackers to manipulate queries. Documented CVSS details indicate high/critical impact (C, I, A ...
CVE-2025-4020
CVE-2025-4020 affects PHPGurukul Old Age Home Management System 1.0. The vulnerability is a SQL injection in the unknown functionality of /contact.php triggered by manipulating the fname parameter. It is exploitable remotely, with public exploit disclosure noted in the sources. Multiple CVSS vect...
CVE-2025-4027
CVE-2025-4027 affects PHPGurukul Old Age Home Management System 1.0. The vulnerability is a SQL injection in an unknown function of /admin/rules.php caused by manipulation of the pagetitle argument. It can be exploited remotely, and the exploit has been disclosed publicly. The primary sources des...
CVE-2025-2736
The CVE-2025-2736 entry affects PHPGurukul Old Age Home Management System version 1.0, specifically the /admin/bwdates-report-details.php endpoint. The root cause is improper handling of the fromdate parameter, enabling SQL injection that can be executed remotely. Public disclosure of the exploit...
CVE-2025-3351
CVE-2025-3351 affects PHPGurukul Old Age Home Management System 1.0. A SQL injection vulnerability exists in an unknown function on /admin/login.php caused by manipulation of the Username parameter. The issue is remotely exploitable; exploitation status is not detailed in the provided sources. Mu...
CVE-2024-40477
CVE-2024-40477 affects PHPGurukul Old Age Home Management System v1.0. A SQL injection exists in the forgot-password.php endpoint (/oahms/admin/forgot-password.php) via the email parameter, enabling an attacker to execute arbitrary SQL commands. Documented impact is high (data confidentiality, in...
CVE-2024-40484
CVE-2024-40484 affects PHPGurukul Old Age Home Management System v1.0, with a Reflected XSS in the /oahms/search.php endpoint via the searchdata parameter. The vulnerability allows remote attackers to inject and potentially execute arbitrary code, relying on user interaction and network-based acc...
CVE-2024-48702
PHPGurukul Old Age Home Management System v1.0 is affected by HTML Injection through the searchdata parameter. The root cause is improper handling/escaping of input in the searchdata field, enabling injection of HTML content. Impact in documents indicates low to moderate risk for information disc...
CVE-2024-40481
The vulnerability CVE-2024-40481 affects PHPGurukul Old Age Home Management System v1.0, specifically the /admin/view-enquiry.php endpoint. A Stored Cross Site Scripting (XSS) flaw exists in the Contact Us page message parameter, allowing remote attackers to execute arbitrary code. The issue is d...
CVE-2025-6908
CVE-2025-6908 affects PHPGurukul Old Age Home Management System v1.0. The vulnerability resides in the /admin/edit-services.php file where user-controlled parameter sertitle can be manipulated to perform a SQL injection. The issue is exploitable remotely and has been disclosed publicly. Several c...
CVE-2025-6909
CVE-2025-6909 concerns PHPGurukul Old Age Home Management System 1.0. SQL injection vulnerability in /admin/add-scdetails.php via the emeradd parameter. Exploitation is remote; vulnerability details and exploit status are public per multiple sources (NVD, Red Hat, CNVD/CVE listings). Affected com...