Online Shopping Portal

online_shopping_portal

Vendor: Phpgurukul • 33 CVEs

CVEs (33)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-10753 1Phpgurukul 1Online Shopping Portal Nov 6, 2024 Nov 4, 2024 5.3 MEDIUM· v4 5.4 MEDIUM· v3 4.0 MEDIUM· v2 A vulnerability was found in PHPGurukul Online Shopping Portal 2.0. It has been declared as problematic. This vulnerability affects unknown code of the file admin/assets/plugins/DataTables/media/unit_testing/templates/do...Show more A vulnerability was found in PHPGurukul Online Shopping Portal 2.0. It has been declared as problematic. This vulnerability affects unknown code of the file admin/assets/plugins/DataTables/media/unit_testing/templates/dom_data_two_headers.php. The manipulation of the argument scripts leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2024-10747 1Phpgurukul 1Online Shopping Portal Nov 5, 2024 Nov 4, 2024 5.3 MEDIUM· v4 6.1 MEDIUM· v3 4.0 MEDIUM· v2 A vulnerability classified as problematic was found in PHPGurukul Online Shopping Portal 2.0. This vulnerability affects unknown code of the file /admin/assets/plugins/DataTables/media/unit_testing/templates/dom_data_th....Show more A vulnerability classified as problematic was found in PHPGurukul Online Shopping Portal 2.0. This vulnerability affects unknown code of the file /admin/assets/plugins/DataTables/media/unit_testing/templates/dom_data_th.php. The manipulation of the argument scripts leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2024-10746 1Phpgurukul 1Online Shopping Portal Nov 5, 2024 Nov 4, 2024 5.3 MEDIUM· v4 6.1 MEDIUM· v3 4.0 MEDIUM· v2 A vulnerability classified as problematic has been found in PHPGurukul Online Shopping Portal 2.0. This affects an unknown part of the file /admin/assets/plugins/DataTables/media/unit_testing/templates/dom_data.php. The...Show more A vulnerability classified as problematic has been found in PHPGurukul Online Shopping Portal 2.0. This affects an unknown part of the file /admin/assets/plugins/DataTables/media/unit_testing/templates/dom_data.php. The manipulation of the argument scripts leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2024-10745 1Phpgurukul 1Online Shopping Portal Nov 5, 2024 Nov 3, 2024 5.3 MEDIUM· v4 6.1 MEDIUM· v3 4.0 MEDIUM· v2 A vulnerability was found in PHPGurukul Online Shopping Portal 2.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin/assets/plugins/DataTables/media/unit_testing/t...Show more A vulnerability was found in PHPGurukul Online Shopping Portal 2.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin/assets/plugins/DataTables/media/unit_testing/templates/deferred_table.php. The manipulation of the argument scripts leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2024-10744 1Phpgurukul 1Online Shopping Portal Nov 5, 2024 Nov 3, 2024 5.3 MEDIUM· v4 6.1 MEDIUM· v3 4.0 MEDIUM· v2 A vulnerability was found in PHPGurukul Online Shopping Portal 2.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/assets/plugins/DataTables/media/unit_...Show more A vulnerability was found in PHPGurukul Online Shopping Portal 2.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/assets/plugins/DataTables/media/unit_testing/templates/complex_header_2.php. The manipulation of the argument scripts leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2024-10743 1Phpgurukul 1Online Shopping Portal Nov 5, 2024 Nov 3, 2024 5.3 MEDIUM· v4 6.1 MEDIUM· v3 4.0 MEDIUM· v2 A vulnerability was found in PHPGurukul Online Shopping Portal 2.0. It has been classified as problematic. Affected is an unknown function of the file /shopping/admin/assets/plugins/DataTables/examples/examples_support/e...Show more A vulnerability was found in PHPGurukul Online Shopping Portal 2.0. It has been classified as problematic. Affected is an unknown function of the file /shopping/admin/assets/plugins/DataTables/examples/examples_support/editable_ajax.php. The manipulation of the argument value leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2024-9326 1Phpgurukul 1Online Shopping Portal Oct 2, 2024 Sep 29, 2024 6.9 MEDIUM· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A vulnerability classified as critical was found in PHPGurukul Online Shopping Portal 2.0. This vulnerability affects unknown code of the file /shopping/admin/index.php of the component Admin Panel. The manipulation of t...Show more A vulnerability classified as critical was found in PHPGurukul Online Shopping Portal 2.0. This vulnerability affects unknown code of the file /shopping/admin/index.php of the component Admin Panel. The manipulation of the argument username leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2024-39090 1Phpgurukul 1Online Shopping Portal Apr 5, 2025 Jul 18, 2024 N/A· v4 6.1 MEDIUM· v3 N/A· v2 The PHPGurukul Online Shopping Portal Project version 2.0 contains a vulnerability that allows Cross-Site Request Forgery (CSRF) to lead to Stored Cross-Site Scripting (XSS). An attacker can exploit this vulnerability to...Show more The PHPGurukul Online Shopping Portal Project version 2.0 contains a vulnerability that allows Cross-Site Request Forgery (CSRF) to lead to Stored Cross-Site Scripting (XSS). An attacker can exploit this vulnerability to execute arbitrary JavaScript code in the context of a user's session, potentially leading to account takeover.Show less
CVE-2023-38890 1Phpgurukul 1Online Shopping Portal Dec 8, 2025 Aug 18, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Online Shopping Portal Project 3.1 allows remote attackers to execute arbitrary SQL commands/queries via the login form, leading to unauthorized access and potential data manipulation. This vulnerability arises due to in...Show more Online Shopping Portal Project 3.1 allows remote attackers to execute arbitrary SQL commands/queries via the login form, leading to unauthorized access and potential data manipulation. This vulnerability arises due to insufficient validation of user-supplied input in the username field, enabling SQL Injection attacks.Show less
CVE-2023-37772 1Phpgurukul 1Online Shopping Portal Nov 21, 2024 Aug 1, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Online Shopping Portal Project v3.1 was discovered to contain a SQL injection vulnerability via the Email parameter at /shopping/login.php.
CVE-2023-3605 1Phpgurukul 1Online Shopping Portal Nov 21, 2024 Jul 10, 2023 N/A· v4 9.1 CRITICAL· v3 6.4 MEDIUM· v2 A vulnerability was found in PHPGurukul Online Shopping Portal 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Registration Page. The manipulation leads...Show more A vulnerability was found in PHPGurukul Online Shopping Portal 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Registration Page. The manipulation leads to improper restriction of excessive authentication attempts. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-233467.Show less
CVE-2021-46110 1Phpgurukul 1Online Shopping Portal Nov 21, 2024 Feb 18, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Online Shopping Portal v3.1 was discovered to contain multiple time-based SQL injection vulnerabilities via the email and contactno parameters.
CVE-2021-37807 1Phpgurukul 1Online Shopping Portal Nov 21, 2024 Oct 27, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 An SQL Injection vulneraility exists in https://phpgurukul.com Online Shopping Portal 3.1 via the email parameter on the /check_availability.php endpoint that serves as a checker whether a new user's email is already exi...Show more An SQL Injection vulneraility exists in https://phpgurukul.com Online Shopping Portal 3.1 via the email parameter on the /check_availability.php endpoint that serves as a checker whether a new user's email is already exist within the database.Show less

Previous 12