CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1CVE-2025-7165 – PHPGurukul/Campcodes Cyber Cafe Management System forgot-password.php sql injection
https://notcve.org/view.php?id=CVE-2025-7165
08 Jul 2025 — A vulnerability was found in PHPGurukul/Campcodes Cyber Cafe Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /forgot-password.php. The manipulation of the argument email leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/f1rstb100d/myCVE/issues/108 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1CVE-2025-7164 – PHPGurukul/Campcodes Cyber Cafe Management System index.php sql injection
https://notcve.org/view.php?id=CVE-2025-7164
08 Jul 2025 — A vulnerability has been found in PHPGurukul/Campcodes Cyber Cafe Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /index.php. The manipulation of the argument Username leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/f1rstb100d/myCVE/issues/107 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1CVE-2025-5358 – PHPGurukul/Campcodes Cyber Cafe Management System bwdates-reports-details.php sql injection
https://notcve.org/view.php?id=CVE-2025-5358
30 May 2025 — A vulnerability was found in PHPGurukul/Campcodes Cyber Cafe Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /bwdates-reports-details.php. The manipulation of the argument fromdate/todate leads to sql injection. The attack may be launched remotely. • https://github.com/ASantsSec/CVE/issues/1 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1CVE-2025-4696 – PHPGurukul/Campcodes Cyber Cafe Management System search.php sql injection
https://notcve.org/view.php?id=CVE-2025-4696
15 May 2025 — A vulnerability was found in PHPGurukul Cyber Cafe Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /search.php. The manipulation of the argument searchdata leads to sql injection. The attack can be launched remotely. • https://github.com/Iandweb/CVE/issues/15 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1CVE-2025-4695 – PHPGurukul/Campcodes Cyber Cafe Management System add-users.php sql injection
https://notcve.org/view.php?id=CVE-2025-4695
15 May 2025 — A vulnerability was found in PHPGurukul Cyber Cafe Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /add-users.php. The manipulation of the argument uadd leads to sql injection. It is possible to launch the attack remotely. • https://github.com/Iandweb/CVE/issues/14 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2025-4304 – PHPGurukul Cyber Cafe Management System adminprofile.php sql injection
https://notcve.org/view.php?id=CVE-2025-4304
06 May 2025 — A vulnerability, which was classified as critical, was found in PHPGurukul Cyber Cafe Management System 1.0. This affects an unknown part of the file /adminprofile.php. The manipulation of the argument mobilenumber leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/3507998897/myCVE/issues/3 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1CVE-2025-4226 – PHPGurukul/Campcodes Cyber Cafe Management System add-computer.php sql injection
https://notcve.org/view.php?id=CVE-2025-4226
03 May 2025 — A vulnerability classified as critical has been found in PHPGurukul Cyber Cafe Management System 1.0. This affects an unknown part of the file /add-computer.php. The manipulation of the argument compname leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/diyuzhishen/mycve/issues/2 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 1CVE-2023-34666
https://notcve.org/view.php?id=CVE-2023-34666
15 Jun 2023 — Cross-site scripting (XSS) vulnerability in Phpgurukul Cyber Cafe Management System 1.0 allows remote attackers to inject arbitrary web script or HTML via the admin username parameter. • https://www.exploit-db.com/exploits/49204 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 84%CPEs: 1EXPL: 3CVE-2022-29009
https://notcve.org/view.php?id=CVE-2022-29009
11 May 2022 — Multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel of Cyber Cafe Management System Project v1.0 allows attackers to bypass authentication. Múltiples vulnerabilidades de inyección SQL por medio de los parámetros username y password en el panel de administración de Cyber Cafe Management System Project versión v1.0, permiten a atacantes omitir la autenticación • https://github.com/sudoninja-noob/CVE-2022-29009 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •