Anujk305

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-44180 1Anujk305 1Vehicle Record Management System May 28, 2025 May 15, 2025 N/A· v4 6.1 MEDIUM· v3 N/A· v2 Phpgurukul Vehicle Record Management System v1.0 is vulnerable to Cross Site Scripting (XSS) in /edit-brand.php?bid={brandId}.
CVE-2025-4266 1Anujk305 1Notice Board System May 7, 2025 May 5, 2025 6.9 MEDIUM· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A vulnerability, which was classified as critical, has been found in PHPGurukul Notice Board System 1.0. Affected by this issue is some unknown functionality of the file /bwdates-reports-details.php?vid=2. The manipulati...Show more A vulnerability, which was classified as critical, has been found in PHPGurukul Notice Board System 1.0. Affected by this issue is some unknown functionality of the file /bwdates-reports-details.php?vid=2. The manipulation of the argument fromdate/tomdate leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2025-4060 1Anujk305 1Notice Board System May 9, 2025 Apr 29, 2025 6.9 MEDIUM· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A vulnerability, which was classified as critical, has been found in PHPGurukul Notice Board System 1.0. This issue affects some unknown processing of the file /category.php. The manipulation of the argument catname lead...Show more A vulnerability, which was classified as critical, has been found in PHPGurukul Notice Board System 1.0. This issue affects some unknown processing of the file /category.php. The manipulation of the argument catname leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2025-29641 1Anujk305 1Vehicle Record Management System Apr 1, 2025 Mar 21, 2025 N/A· v4 7.3 HIGH· v3 N/A· v2 Phpgurukul Vehicle Record Management System v1.0 is vulnerable to SQL Injection in /index.php via the 'searchinputdata' parameter.
CVE-2025-29640 1Anujk305 1Human Metapneumovirus (hmpv) Testing Management System Apr 1, 2025 Mar 21, 2025 N/A· v4 5.4 MEDIUM· v3 N/A· v2 Phpgurukul Human Metapneumovirus (HMPV) – Testing Management System v1.0 is vulnerable to SQL Injection in /patient-report.php via the parameter searchdata..
CVE-2024-48703 1Anujk305 1Medical Card Generation System Dec 11, 2024 Dec 6, 2024 N/A· v4 4.8 MEDIUM· v3 N/A· v2 PhpGurukul Medical Card Generation System v1.0 is vulnerable to Cross Site Scripting (XSS) in /admin/search-medicalcard.php via the searchdata parameter.
CVE-2024-10297 1Anujk305 1Medical Card Generation System May 6, 2025 Oct 23, 2024 5.1 MEDIUM· v4 7.2 HIGH· v3 5.8 MEDIUM· v2 A vulnerability was found in PHPGurukul Medical Card Generation System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/changeimage.php of the component Manageca...Show more A vulnerability was found in PHPGurukul Medical Card Generation System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/changeimage.php of the component Managecard Edit Image Page. The manipulation of the argument editid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2024-44798 1Anujk305 1Bus Pass Management System Sep 16, 2024 Sep 13, 2024 N/A· v4 4.8 MEDIUM· v3 N/A· v2 phpgurukul Bus Pass Management System 1.0 is vulnerable to Cross-site scripting (XSS) in /admin/pass-bwdates-reports-details.php via fromdate and todate parameters.
CVE-2024-29390 1Anujk305 1Daily Expenses Management System Jun 20, 2025 Jun 20, 2024 N/A· v4 7.3 HIGH· v3 N/A· v2 Daily Expenses Management System version 1.0, developed by PHP Gurukul, contains a time-based blind SQL injection vulnerability in the 'add-expense.php' page. An attacker can exploit the 'item' parameter in a POST reques...Show more Daily Expenses Management System version 1.0, developed by PHP Gurukul, contains a time-based blind SQL injection vulnerability in the 'add-expense.php' page. An attacker can exploit the 'item' parameter in a POST request to execute arbitrary SQL commands in the backend database. This can be done by injecting specially crafted SQL queries that make the database perform time-consuming operations, thereby confirming the presence of the SQL injection vulnerability based on the delay in the server's response.Show less
CVE-2023-5305 1Anujk305 1Online Banquet Booking System Nov 21, 2024 Sep 30, 2023 N/A· v4 6.1 MEDIUM· v3 4.0 MEDIUM· v2 A vulnerability was found in Online Banquet Booking System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /mail.php of the component Contact Us Page. The manipulation...Show more A vulnerability was found in Online Banquet Booking System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /mail.php of the component Contact Us Page. The manipulation of the argument message leads to cross site scripting. The attack may be launched remotely. The identifier of this vulnerability is VDB-240944.Show less
CVE-2023-5304 1Anujk305 1Online Banquet Booking System Nov 21, 2024 Sep 30, 2023 N/A· v4 6.1 MEDIUM· v3 4.0 MEDIUM· v2 A vulnerability has been found in Online Banquet Booking System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /book-services.php of the component Service Bookin...Show more A vulnerability has been found in Online Banquet Booking System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /book-services.php of the component Service Booking. The manipulation of the argument message leads to cross site scripting. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-240943.Show less

Previous 12