CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2025-2648 – PHPGurukul Art Gallery Management System view-enquiry-detail.php sql injection
https://notcve.org/view.php?id=CVE-2025-2648
23 Mar 2025 — A vulnerability classified as critical has been found in PHPGurukul Art Gallery Management System 1.0. This affects an unknown part of the file /admin/view-enquiry-detail.php. The manipulation of the argument viewid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/liuhao2638/cve/issues/11 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2025-2647 – PHPGurukul Art Gallery Management System search.php sql injection
https://notcve.org/view.php?id=CVE-2025-2647
23 Mar 2025 — A vulnerability was found in PHPGurukul Art Gallery Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /search.php. The manipulation of the argument Search leads to sql injection. The attack may be launched remotely. • https://github.com/liuhao2638/cve/issues/10 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2025-2646 – PHPGurukul Art Gallery Management System admin-profile.php sql injection
https://notcve.org/view.php?id=CVE-2025-2646
23 Mar 2025 — A vulnerability was found in PHPGurukul Art Gallery Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/admin-profile.php. The manipulation of the argument contactnumber leads to sql injection. The attack can be launched remotely. • https://github.com/liuhao2638/cve/issues/9 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 5.1EPSS: 0%CPEs: 1EXPL: 1CVE-2025-2645 – PHPGurukul Art Gallery Management System product.php cross site scripting
https://notcve.org/view.php?id=CVE-2025-2645
23 Mar 2025 — A vulnerability was found in PHPGurukul Art Gallery Management System 1.0. It has been classified as problematic. Affected is an unknown function of the file /product.php. The manipulation of the argument artname leads to cross site scripting. It is possible to launch the attack remotely. • https://github.com/liuhao2638/cve/issues/8 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2025-2644 – PHPGurukul Art Gallery Management System add-art-product.php sql injection
https://notcve.org/view.php?id=CVE-2025-2644
23 Mar 2025 — A vulnerability was found in PHPGurukul Art Gallery Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/add-art-product.php. The manipulation of the argument arttype leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/liuhao2638/cve/issues/7 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2025-2643 – PHPGurukul Art Gallery Management System edit-art-type-detail.php sql injection
https://notcve.org/view.php?id=CVE-2025-2643
23 Mar 2025 — A vulnerability has been found in PHPGurukul Art Gallery Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/edit-art-type-detail.php?editid=1. The manipulation of the argument arttype leads to sql injection. The attack can be initiated remotely. • https://github.com/liuhao2638/cve/issues/6 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2025-2642 – PHPGurukul Art Gallery Management System edit-art-product-detail.php sql injection
https://notcve.org/view.php?id=CVE-2025-2642
23 Mar 2025 — A vulnerability, which was classified as critical, was found in PHPGurukul Art Gallery Management System 1.0. This affects an unknown part of the file /admin/edit-art-product-detail.php?editid=2. The manipulation of the argument editide/sprice/description leads to sql injection. It is possible to initiate the attack remotely. • https://github.com/liuhao2638/cve/issues/3 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2025-2641 – PHPGurukul Art Gallery Management System edit-artist-detail.php sql injection
https://notcve.org/view.php?id=CVE-2025-2641
23 Mar 2025 — A vulnerability, which was classified as critical, has been found in PHPGurukul Art Gallery Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/edit-artist-detail.php?editid=1. The manipulation of the argument Name leads to sql injection. The attack may be launched remotely. • https://github.com/liuhao2638/cve/issues/2 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2025-2627 – PHPGurukul Art Gallery Management System contactus.php sql injection
https://notcve.org/view.php?id=CVE-2025-2627
22 Mar 2025 — A vulnerability, which was classified as critical, has been found in PHPGurukul Art Gallery Management System 1.0. This issue affects some unknown processing of the file /admin/contactus.php. The manipulation of the argument pagetitle leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/liuhao2638/cve/issues/1 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 5.1EPSS: 0%CPEs: 1EXPL: 1CVE-2025-2047 – PHPGurukul Art Gallery Management System search.php cross site scripting
https://notcve.org/view.php?id=CVE-2025-2047
06 Mar 2025 — A vulnerability was found in PHPGurukul Art Gallery Management System 1.0. It has been classified as problematic. This affects an unknown part of the file /search.php. The manipulation of the argument search leads to cross site scripting. It is possible to initiate the attack remotely. • https://github.com/chenyihao-cyber/CVE/issues/3 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-94: Improper Control of Generation of Code ('Code Injection') •