Filtered by vendor Phpgurukul
Subscribe
Total
221 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-22165 | 1 Phpgurukul | 1 Hospital Management System | 2023-11-14 | 5.0 MEDIUM | 7.5 HIGH |
| PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\user-login.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information. | |||||
| CVE-2020-22168 | 1 Phpgurukul | 1 Hospital Management System | 2023-11-14 | 5.0 MEDIUM | 7.5 HIGH |
| PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\change-emaild.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information. | |||||
| CVE-2020-22175 | 1 Phpgurukul | 1 Hospital Management System | 2023-11-14 | 5.0 MEDIUM | 7.5 HIGH |
| PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\admin\betweendates-detailsreports.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information. | |||||
| CVE-2020-22173 | 1 Phpgurukul | 1 Hospital Management System | 2023-11-14 | 5.0 MEDIUM | 7.5 HIGH |
| PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\edit-profile.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information. | |||||
| CVE-2020-22172 | 1 Phpgurukul | 1 Hospital Management System | 2023-11-14 | 5.0 MEDIUM | 7.5 HIGH |
| PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\get_doctor.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information. | |||||
| CVE-2020-22171 | 1 Phpgurukul | 1 Hospital Management System | 2023-11-14 | 5.0 MEDIUM | 7.5 HIGH |
| PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\registration.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information. | |||||
| CVE-2020-22169 | 1 Phpgurukul | 1 Hospital Management System | 2023-11-14 | 5.0 MEDIUM | 7.5 HIGH |
| PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\appointment-history.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information. | |||||
| CVE-2020-22174 | 1 Phpgurukul | 1 Hospital Management System | 2023-11-14 | 5.0 MEDIUM | 7.5 HIGH |
| PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\book-appointment.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information. | |||||
| CVE-2020-5193 | 1 Phpgurukul | 1 Hospital Management System | 2023-11-14 | 4.3 MEDIUM | 6.1 MEDIUM |
| PHPGurukul Hospital Management System in PHP v4.0 suffers from multiple reflected XSS vulnerabilities via the searchdata or Doctorspecialization parameter. | |||||
| CVE-2020-22176 | 1 Phpgurukul | 1 Hospital Management System | 2023-11-14 | 5.0 MEDIUM | 7.5 HIGH |
| PHPGurukul Hospital Management System in PHP v4.0 has a sensitive information disclosure vulnerability in multiple areas. Remote unauthenticated users can exploit the vulnerability to obtain user sensitive information. | |||||
| CVE-2020-5192 | 1 Phpgurukul | 1 Hospital Management System | 2023-11-14 | 6.5 MEDIUM | 8.8 HIGH |
| PHPGurukul Hospital Management System in PHP v4.0 suffers from multiple SQL injection vulnerabilities: multiple pages and parameters are not validating user input, and allow for the application's database and information to be fully compromised. | |||||
| CVE-2020-22167 | 1 Phpgurukul | 1 Hospital Management System | 2023-11-14 | 3.5 LOW | 5.4 MEDIUM |
| PHPGurukul Hospital Management System in PHP v4.0 has a Persistent Cross-Site Scripting vulnerability in \hms\admin\appointment-history.php. Remote registered users can exploit the vulnerability to obtain user cookie data. | |||||
| CVE-2020-10224 | 1 Phpgurukul | 1 Online Book Store | 2023-11-13 | 7.5 HIGH | 9.8 CRITICAL |
| An unauthenticated file upload vulnerability has been identified in admin_add.php in PHPGurukul Online Book Store 1.0. The vulnerability could be exploited by an unauthenticated remote attacker to upload content to the server, including PHP files, which could result in command execution. | |||||
| CVE-2020-10225 | 1 Phpgurukul | 1 Job Portal | 2023-11-13 | 7.5 HIGH | 9.8 CRITICAL |
| An unauthenticated file upload vulnerability has been identified in admin/gallery.php in PHPGurukul Job Portal 1.0. The vulnerability could be exploited by an unauthenticated remote attacker to upload content to the server, including PHP files, which could result in command execution. | |||||
| CVE-2023-41593 | 1 Phpgurukul | 1 Dairy Farm Shop Management System | 2023-11-07 | N/A | 5.4 MEDIUM |
| Multiple cross-site scripting (XSS) vulnerabilities in Dairy Farm Shop Management System Using PHP and MySQL v1.1 allow attackers to execute arbitrary web scripts and HTML via a crafted payload injected into the Category and Category Field parameters. | |||||
| CVE-2022-40944 | 1 Phpgurukul | 1 Dairy Farm Shop Management System | 2023-11-07 | N/A | 9.8 CRITICAL |
| Dairy Farm Shop Management System 1.0 is vulnerable to SQL Injection via sales-report-ds.php file. | |||||
| CVE-2022-40943 | 1 Phpgurukul | 1 Dairy Farm Shop Management System | 2023-11-07 | N/A | 9.8 CRITICAL |
| Dairy Farm Shop Management System 1.0 is vulnerable to SQL Injection via bwdate-report-ds.php file. | |||||
| CVE-2023-46584 | 1 Phpgurukul | 1 Nipah Virus Testing Management System | 2023-11-03 | N/A | 9.8 CRITICAL |
| SQL Injection vulnerability in PHPGurukul Nipah virus (NiV) " Testing Management System v.1.0 allows a remote attacker to escalate privileges via a crafted request to the new-user-testing.php endpoint. | |||||
| CVE-2023-46583 | 1 Phpgurukul | 1 Nipah Virus Testing Management System | 2023-11-03 | N/A | 6.1 MEDIUM |
| Cross-Site Scripting (XSS) vulnerability in PHPGurukul Nipah virus (NiV) " Testing Management System v.1.0 allows attackers to execute arbitrary code via a crafted payload injected into the State field. | |||||
| CVE-2022-29006 | 1 Phpgurukul | 1 Directory Management System | 2023-10-04 | 7.5 HIGH | 9.8 CRITICAL |
| Multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel of Directory Management System v1.0 allows attackers to bypass authentication. | |||||