CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2025-2674 – PHPGurukul Bank Locker Management System aboutus.php sql injection
https://notcve.org/view.php?id=CVE-2025-2674
24 Mar 2025 — A vulnerability classified as critical was found in PHPGurukul Bank Locker Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /aboutus.php. The manipulation of the argument pagetitle leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/ARPANET-cyber/CVE/issues/3 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2025-2663 – PHPGurukul Bank Locker Management System search-locker-details.php sql injection
https://notcve.org/view.php?id=CVE-2025-2663
23 Mar 2025 — A vulnerability has been found in PHPGurukul Bank Locker Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /search-locker-details.php. The manipulation of the argument searchinput leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/ARPANET-cyber/CVE/issues/2 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 1CVE-2023-1964 – PHPGurukul Bank Locker Management System Password Reset recovery.php sql injection
https://notcve.org/view.php?id=CVE-2023-1964
09 Apr 2023 — A vulnerability classified as critical has been found in PHPGurukul Bank Locker Management System 1.0. Affected is an unknown function of the file recovery.php of the component Password Reset. The manipulation of the argument uname/mobile leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/vsdwef/Bank-locker-Managament-System/blob/main/password-recovery.php_SQL_English.pdf • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-1963 – PHPGurukul Bank Locker Management System Search index.php sql injection
https://notcve.org/view.php?id=CVE-2023-1963
09 Apr 2023 — A vulnerability was found in PHPGurukul Bank Locker Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file index.php of the component Search. The manipulation of the argument searchinput leads to sql injection. The attack may be initiated remotely. • https://github.com/vsdwef/Bank-locker-Managament-System/blob/main/search-locker-details.php_SQL_English.pdf • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 4.8EPSS: 18%CPEs: 1EXPL: 1CVE-2023-0563 – PHPGurukul Bank Locker Management System Assign Locker add-locker-form.php cross site scripting
https://notcve.org/view.php?id=CVE-2023-0563
28 Jan 2023 — A vulnerability classified as problematic has been found in PHPGurukul Bank Locker Management System 1.0. This affects an unknown part of the file add-locker-form.php of the component Assign Locker. The manipulation of the argument ahname leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/ctflearner/Vulnerability/blob/main/Bank_Locker_Management_System/BLMS_XSS_IN_ADMIN_BROWSER.md • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 71%CPEs: 1EXPL: 1CVE-2023-0562 – PHPGurukul Bank Locker Management System Login index.php sql injection
https://notcve.org/view.php?id=CVE-2023-0562
28 Jan 2023 — A vulnerability was found in PHPGurukul Bank Locker Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file index.php of the component Login. The manipulation of the argument username leads to sql injection. The attack may be launched remotely. • https://github.com/ctflearner/Vulnerability/blob/main/Bank_Locker_Management_System/Bank%20Locker%20Management%20System-SQL%20.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •