NotCVE - vendor:"Phpgurukul"

Page 56 of 298 results (0.003 seconds)

CVSS: 9.8EPSS: 9%CPEs: 1EXPL: 2

CVE-2021-26822

https://notcve.org/view.php?id=CVE-2021-26822

Teachers Record Management System 1.0 is affected by a SQL injection vulnerability in 'searchteacher' POST parameter in search-teacher.php. This vulnerability can be exploited by a remote unauthenticated attacker to leak sensitive information and perform code execution attacks. Teachers Record Management System versión 1.0, está afectado por una vulnerabilidad de inyección SQL en el parámetro POST "searchteacher" en el archivo search-teacher.php. Esta vulnerabilidad puede ser aprovechada por un atacante remoto no autenticado para filtrar información confidencial y realizar ataques de ejecución de código • https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-26822 https://phpgurukul.com/teachers-record-management-system-using-php-and-mysql https://www.exploit-db.com/exploits/49562 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0

CVE-2020-26052

https://notcve.org/view.php?id=CVE-2020-26052

Online Marriage Registration System 1.0 is affected by stored cross-site scripting (XSS) vulnerabilities in multiple parameters. Online Marriage Registration System versión 1.0, está afectado por vulnerabilidades de tipo cross-site scripting (XSS) almacenado en múltiples parámetros • https://www.exploit-db.com/exploits/48522 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1

CVE-2021-26303

https://notcve.org/view.php?id=CVE-2021-26303

PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to stored XSS via the user-profile.php Full Name field. PHPGurukul Daily Expense Tracker System versión 1.0, es vulnerable a un ataque de tipo XSS almacenado por medio del campo Full Name en el archivo user-profile.php • https://packetstormsecurity.com/files/161114/Daily-Expense-Tracker-System-1.0-Cross-Site-Scripting.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1

CVE-2021-26304

https://notcve.org/view.php?id=CVE-2021-26304

PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to stored XSS via the add-expense.php Item parameter. PHPGurukul Daily Expense Tracker System versión 1.0, es vulnerable a un ataque de tipo XSS almacenado por medio del parámetro Item en el archivo add-experiment.php • https://packetstormsecurity.com/files/161114/Daily-Expense-Tracker-System-1.0-Cross-Site-Scripting.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 2

CVE-2020-35745

https://notcve.org/view.php?id=CVE-2020-35745

PHPGURUKUL Hospital Management System V 4.0 does not properly restrict access to admin/dashboard.php, which allows attackers to access all data of users, doctors, patients, change admin password, get appointment history and access all session logs. PHPGURUKUL Hospital Management System versión V 4.0, no restringe apropiadamente el acceso al archivo admin/dashboard.php, lo que permite a atacantes acceder a todos los datos de usuarios, médicos, pacientes, cambiar la contraseña de administrador, obtener el historial de citas y acceder a todos los registros de sesión • https://medium.com/%40ashketchum/privilege-escalation-unauthenticated-access-to-admin-portal-cve-2020-35745-bb5d5dca97a0 https://www.phpgurukul.com/hospital-management-system-in-php https://www.youtube.com/watch?v=vnSsg6iwV9Y&feature=youtu.be&ab_channel=ashketchum • CWE-862: Missing Authorization •

1...54 55 56 57 58