Lucene search
K
PhpgurukulUser Management System

5 matches found

CVE
CVE
added 2024/11/11 12:0 a.m.51 views

CVE-2024-50991

The CVE-2024-50991 entry concerns PHPGurukul User Management System v1.0, with an XSS flaw in /ums-sp/admin/registered-users.php. The vulnerability allows remote attackers to execute arbitrary code via the fname parameter in a POST request. The available documents consistently identify the affect...

4.8CVSS6.6AI score0.00388EPSS
Web
CVE
CVE
added 2025/08/21 2:2 p.m.26 views

CVE-2025-9302

PHPGurukul User Management System 1.0 is affected by a SQL injection in signup.php via the emailid parameter. The vulnerability allows remote exploitation with a publicly available exploit, as confirmed by multiple connected sources (CNVD/PT-2025-34224/CNNVD-like reports). Root cause: lack of val...

9.8CVSS7.7AI score0.00387EPSS
CVE
CVE
added 2025/09/17 10:32 p.m.22 views

CVE-2025-10624

CVE-2025-10624 affects PHPGurukul User Management System 1.0. The vulnerability lies in the login.php file where manipulating the emailid parameter enables SQL injection—remotely exploitable; public exploit referenced. Severity varies by source, but core sources describe potential exposure of dat...

9.8CVSS6.7AI score0.00441EPSS
CVE
CVE
added 2025/09/08 5:2 p.m.21 views

CVE-2025-10098

PHPGurukul User Management System 1.0 has a SQL injection in /admin/edit-user-profile.php when the uid argument is manipulated. The vulnerability is exploitable remotely, and public exploits have been released. The CVE is corroborated across NVD and other feeds (Red Hat, CVE List, PT Security) wi...

8.8CVSS6.5AI score0.00408EPSS
Web
CVE
CVE
added 2025/09/01 2:2 a.m.20 views

CVE-2025-9756

The CVE-2025-9756 entry concerns PHPGurukul User Management System v1.0, with a flaw in /admin/change-emailid.php where manipulating the uid parameter leads to SQL injection. Exploitation is remote and the exploit has been published. Public sources consistently describe a SQL injection in the uid...

8.8CVSS6.6AI score0.00309EPSS
Web