CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-5357 – PHPGurukul Zoo Management System forgot-password.php sql injection
https://notcve.org/view.php?id=CVE-2024-5357
A vulnerability has been found in PHPGurukul Zoo Management System 2.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/forgot-password.php. The manipulation of the argument email leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. • https://vuldb.com/?ctiid.266269 https://vuldb.com/?id.266269 https://vuldb.com/?submit.343372 https://www.yuque.com/yuqueyonghunhj6tg/ygf5oy/wzxsew2dfb84l3lo • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 5.1EPSS: 0%CPEs: 1EXPL: 1CVE-2024-5137 – PHPGurukul Directory Management System Searchbar admin-profile.php cross site scripting
https://notcve.org/view.php?id=CVE-2024-5137
A vulnerability classified as problematic was found in PHPGurukul Directory Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/admin-profile.php of the component Searchbar. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/BurakSevben/CVEs/blob/main/Directory%20Management%20System/Directory%20Management%20System%20-%20Cross-Site-Scripting%20-%202.md https://vuldb.com/?ctiid.265213 https://vuldb.com/?id.265213 https://vuldb.com/?submit.339123 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.1EPSS: 0%CPEs: 1EXPL: 1CVE-2024-5136 – PHPGurukul Directory Management System search-directory.php. cross site scripting
https://notcve.org/view.php?id=CVE-2024-5136
A vulnerability classified as problematic has been found in PHPGurukul Directory Management System 1.0. Affected is an unknown function of the file /admin/search-directory.php.. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/BurakSevben/CVEs/blob/main/Directory%20Management%20System/Directory%20Management%20System%20-%20Cross-Site-Scripting%20-%201.md https://vuldb.com/?ctiid.265212 https://vuldb.com/?id.265212 https://vuldb.com/?submit.339122 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-5135 – PHPGurukul Directory Management System index.php sql injection
https://notcve.org/view.php?id=CVE-2024-5135
A vulnerability was found in PHPGurukul Directory Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/index.php. The manipulation of the argument username leads to sql injection. The attack may be initiated remotely. • https://github.com/BurakSevben/CVEs/blob/main/Directory%20Management%20System/Directory%20Management%20System%20-%20SQL%20Injection%20-%201.md https://vuldb.com/?ctiid.265211 https://vuldb.com/?id.265211 https://vuldb.com/?submit.339121 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-5066 – PHPGurukul Online Course Registration System pincode-verification.php sql injection
https://notcve.org/view.php?id=CVE-2024-5066
A vulnerability classified as critical was found in PHPGurukul Online Course Registration System 3.1. Affected by this vulnerability is an unknown functionality of the file /pincode-verification.php. The manipulation of the argument pincode leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/BurakSevben/CVEs/blob/main/Online%20Course%20Registration%20System/Online%20Course%20Registration%20System%20-%20SQL%20Injection%20-%204.md https://vuldb.com/?ctiid.264925 https://vuldb.com/?id.264925 https://vuldb.com/?submit.336240 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •