CVE-2024-10297 – PHPGurukul Medical Card Generation System Managecard Edit Image Page changeimage.php sql injection
https://notcve.org/view.php?id=CVE-2024-10297
A vulnerability was found in PHPGurukul Medical Card Generation System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/changeimage.php of the component Managecard Edit Image Page. The manipulation of the argument editid leads to sql injection. The attack may be launched remotely. • https://phpgurukul.com https://vuldb.com/?ctiid.281564 https://vuldb.com/?id.281564 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2024-10296 – PHPGurukul Medical Card Generation System Report of Medical Card Page card-bwdates-reports-details.php sql injection
https://notcve.org/view.php?id=CVE-2024-10296
A vulnerability was found in PHPGurukul Medical Card Generation System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/card-bwdates-reports-details.php of the component Report of Medical Card Page. The manipulation of the argument fromdate/todate leads to sql injection. The attack can be launched remotely. • https://vuldb.com/?id.281563 https://vuldb.com/?ctiid.281563 https://vuldb.com/?submit.427400 https://phpgurukul.com • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2024-10192 – PHPGurukul IFSC Code Finder Project search.php cross site scripting
https://notcve.org/view.php?id=CVE-2024-10192
A vulnerability has been found in PHPGurukul IFSC Code Finder Project 1.0 and classified as problematic. This vulnerability affects unknown code of the file search.php. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/jadu101/CVE/blob/main/phpgurukul_ifsc_code_finder_search_xss.md https://phpgurukul.com https://vuldb.com/?ctiid.280966 https://vuldb.com/?id.280966 https://vuldb.com/?submit.426759 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2024-10191 – PHPGurukul Boat Booking System Booking Details Page book-details.php cross site scripting
https://notcve.org/view.php?id=CVE-2024-10191
A vulnerability, which was classified as problematic, was found in PHPGurukul Boat Booking System 1.0. This affects an unknown part of the file /admin/book-details.php of the component Booking Details Page. The manipulation of the argument Official Remark leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/jadu101/CVE/blob/main/phpgurukul_boat_booking_system_booking_details_xss.md https://phpgurukul.com https://vuldb.com/?ctiid.280965 https://vuldb.com/?id.280965 https://vuldb.com/?submit.426734 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2024-10162 – PHPGurukul Boat Booking System Edit Subdomain Details Page edit-subadmin.php sql injection
https://notcve.org/view.php?id=CVE-2024-10162
A vulnerability has been found in PHPGurukul Boat Booking System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/edit-subadmin.php of the component Edit Subdomain Details Page. The manipulation of the argument sadminusername/fullname/emailid/mobilenumber leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/jadu101/CVE/blob/main/phpgurukul_boat_booking_system_edit_subadmin_sqli.md https://phpgurukul.com https://vuldb.com/?ctiid.280948 https://vuldb.com/?id.280948 https://vuldb.com/?submit.425449 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •