CVSS: 5.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-10300 – PHPGurukul Medical Card Generation System View Enquiry Page view-enquiry.php sql injection
https://notcve.org/view.php?id=CVE-2024-10300
23 Oct 2024 — A vulnerability, which was classified as critical, has been found in PHPGurukul Medical Card Generation System 1.0. This issue affects some unknown processing of the file /admin/view-enquiry.php of the component View Enquiry Page. The manipulation of the argument viewid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. • https://phpgurukul.com • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 5.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-10299 – PHPGurukul Medical Card Generation System Managecard View Detail Page view-card-detail.php sql injection
https://notcve.org/view.php?id=CVE-2024-10299
23 Oct 2024 — A vulnerability classified as critical was found in PHPGurukul Medical Card Generation System 1.0. This vulnerability affects unknown code of the file /admin/view-card-detail.php of the component Managecard View Detail Page. The manipulation of the argument viewid leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. • https://phpgurukul.com • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 5.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-10298 – PHPGurukul Medical Card Generation System Managecard Edit Card Detail Page edit-card-detail.php sql injection
https://notcve.org/view.php?id=CVE-2024-10298
23 Oct 2024 — A vulnerability classified as critical has been found in PHPGurukul Medical Card Generation System 1.0. This affects an unknown part of the file /admin/edit-card-detail.php of the component Managecard Edit Card Detail Page. The manipulation of the argument editid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. • https://phpgurukul.com • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 5.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-10297 – PHPGurukul Medical Card Generation System Managecard Edit Image Page changeimage.php sql injection
https://notcve.org/view.php?id=CVE-2024-10297
23 Oct 2024 — A vulnerability was found in PHPGurukul Medical Card Generation System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/changeimage.php of the component Managecard Edit Image Page. The manipulation of the argument editid leads to sql injection. The attack may be launched remotely. • https://phpgurukul.com • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 5.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-10296 – PHPGurukul Medical Card Generation System Report of Medical Card Page card-bwdates-reports-details.php sql injection
https://notcve.org/view.php?id=CVE-2024-10296
23 Oct 2024 — A vulnerability was found in PHPGurukul Medical Card Generation System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/card-bwdates-reports-details.php of the component Report of Medical Card Page. The manipulation of the argument fromdate/todate leads to sql injection. The attack can be launched remotely. • https://vuldb.com/?id.281563 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-46238
https://notcve.org/view.php?id=CVE-2024-46238
21 Oct 2024 — Multiple Cross Site Scripting (XSS) vulnerabilities exist in PHPGurukul Hospital Management System 4.0 via the docname parameter in /admin/add-doctor.php and /admin/edit-doctor.php • https://github.com/anoncoder01/PHP_Gurukul_Hospital_Management_System_XSS/blob/master/vulnerabilities/XSS2.md • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-46239
https://notcve.org/view.php?id=CVE-2024-46239
21 Oct 2024 — Multiple cross-site scripting vulnerabilities exist in PHPGurukul Hospital Management System 4.0 via the docname parameter in /doctor/edit-profile.php and adminremark parameter in /admin/query-details.php. • https://github.com/anoncoder01/PHP_Gurukul_Hospital_Management_System_XSS/blob/master/vulnerabilities/XSS3.md • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2024-10192 – PHPGurukul IFSC Code Finder Project search.php cross site scripting
https://notcve.org/view.php?id=CVE-2024-10192
20 Oct 2024 — A vulnerability has been found in PHPGurukul IFSC Code Finder Project 1.0 and classified as problematic. This vulnerability affects unknown code of the file search.php. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/jadu101/CVE/blob/main/phpgurukul_ifsc_code_finder_search_xss.md • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1CVE-2024-10191 – PHPGurukul Boat Booking System Booking Details Page book-details.php cross site scripting
https://notcve.org/view.php?id=CVE-2024-10191
20 Oct 2024 — A vulnerability, which was classified as problematic, was found in PHPGurukul Boat Booking System 1.0. This affects an unknown part of the file /admin/book-details.php of the component Booking Details Page. The manipulation of the argument Official Remark leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/jadu101/CVE/blob/main/phpgurukul_boat_booking_system_booking_details_xss.md • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-10162 – PHPGurukul Boat Booking System Edit Subdomain Details Page edit-subadmin.php sql injection
https://notcve.org/view.php?id=CVE-2024-10162
20 Oct 2024 — A vulnerability has been found in PHPGurukul Boat Booking System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/edit-subadmin.php of the component Edit Subdomain Details Page. The manipulation of the argument sadminusername/fullname/emailid/mobilenumber leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/jadu101/CVE/blob/main/phpgurukul_boat_booking_system_edit_subadmin_sqli.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •