User Registration & Login And User Management System Security Vulnerabilities and Issues — User Registration & Login And User Management System CVE List

Lucene search

PhpgurukulUser Registration & Login And User Management System

11 matches found

CVE•added 2024/02/28 8:15 p.m.•3521 views

CVE-2024-25202

Cross Site Scripting vulnerability in Phpgurukul User Registration & Login and User Management System 1.0 allows attackers to run arbitrary code via the search bar.

6.1CVSS6.8AI score0.03841EPSS

CVE•added 2024/03/14 2:15 p.m.•64 views

CVE-2024-28323

The bwdates-report-result.php file in Phpgurukul User Registration & Login and User Management System 3.1 contains a potential security vulnerability related to user input validation. The script retrieves user-provided date inputs without proper validation, making it susceptible to SQL injection at...

6.5CVSS7.7AI score0.00112EPSS

CVE•added 2024/11/14 2:15 p.m.•56 views

CVE-2024-50843

A Directory listing issue was found in PHPGurukul User Registration & Login and User Management System 3.2, which allows remote attackers attacker to access sensitive files and directories via /loginsystem/assets.

5.3CVSS6.6AI score0.0013EPSS

CVE•added 2024/10/15 1:15 p.m.•54 views

CVE-2024-48280

A SQL Injection vulnerability was found in /search-result.php of PHPGurukul User Registration & Login and User Management System 3.2, which allows remote attackers to execute arbitrary SQL command via the fromdate parameter in a POST HTTP request.

7.6CVSS9AI score0.00248EPSS

CVE•added 2024/10/15 1:15 p.m.•53 views

CVE-2024-48278

Phpgurukul User Registration & Login and User Management System 3.2 is vulnerable to Cross Site Request Forgery (CSRF) via /edit-profile.php.

5.5CVSS7.3AI score0.00058EPSS

CVE•added 2024/10/15 1:15 p.m.•52 views

CVE-2024-48282

A SQL Injection vulnerability was found in /password-recovery.php of PHPGurukul User Registration & Login and User Management System 3.2, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database access via the femail parameter in a POST HTTP request.

7.6CVSS9.1AI score0.00439EPSS

CVE•added 2024/10/15 1:15 p.m.•48 views

CVE-2024-48283

Phpgurukul User Registration & Login and User Management System 3.2 is vulnerable to SQL Injection in /admin//search-result.php via the searchkey parameter.

9.8CVSS8.3AI score0.00039EPSS

Web

CVE•added 2024/10/15 1:15 p.m.•47 views

CVE-2024-48279

A HTML Injection vulnerability was found in /search-result.php of PHPGurukul User Registration & Login and User Management System 3.2. This vulnerability allows remote attackers to execute arbitrary HTML code via the searchkey parameter in a POST HTTP request.

7.6CVSS8.1AI score0.00219EPSS

CVE•added 2024/11/26 11:15 p.m.•42 views

CVE-2024-11817

A vulnerability was found in PHPGurukul User Registration & Login and User Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/index.php. The manipulation of the argument username leads to sql injection. The attack may be lau...

9.8CVSS7.4AI score0.00101EPSS

Web

CVE•added 2024/11/14 6:15 p.m.•42 views

CVE-2024-48284

A Reflected Cross-Site Scripting (XSS) vulnerability was found in the /search-result.php page of the PHPGurukul User Registration & Login and User Management System 3.2. This vulnerability allows remote attackers to execute arbitrary scripts via the searchkey parameter in a POST HTTP request.

5.4CVSS6AI score0.00127EPSS

CVE•added 2024/11/27 12:15 a.m.•40 views

CVE-2024-11818

A vulnerability classified as critical has been found in PHPGurukul User Registration & Login and User Management System 1.0. This affects an unknown part of the file /signup.php. The manipulation of the argument email leads to sql injection. It is possible to initiate the attack remotely. The expl...

9.8CVSS7.5AI score0.00101EPSS