CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2025-3265 – PHPGurukul e-Diary Management System add-category.php sql injection
https://notcve.org/view.php?id=CVE-2025-3265
04 Apr 2025 — A vulnerability classified as critical was found in PHPGurukul e-Diary Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /add-category.php. The manipulation of the argument Category leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/yasuoz99/CVE-/issues/2 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2025-3242 – PHPGurukul e-Diary Management System search-result.php sql injection
https://notcve.org/view.php?id=CVE-2025-3242
04 Apr 2025 — A vulnerability has been found in PHPGurukul e-Diary Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /search-result.php. The manipulation of the argument searchdata leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/lkncdy/cve/issues/1 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2025-3220 – PHPGurukul e-Diary Management System dashboard.php sql injection
https://notcve.org/view.php?id=CVE-2025-3220
04 Apr 2025 — A vulnerability was found in PHPGurukul e-Diary Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /dashboard.php. The manipulation of the argument Category leads to sql injection. The attack can be launched remotely. • https://github.com/JunGu-W/cve/issues/2 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2025-3217 – PHPGurukul e-Diary Management System registration.php sql injection
https://notcve.org/view.php?id=CVE-2025-3217
04 Apr 2025 — A vulnerability was found in PHPGurukul e-Diary Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /registration.php. The manipulation of the argument emailid leads to sql injection. The attack can be initiated remotely. • https://github.com/rookiekuan/CVE/issues/3 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2025-3216 – PHPGurukul e-Diary Management System password-recovery.php sql injection
https://notcve.org/view.php?id=CVE-2025-3216
04 Apr 2025 — A vulnerability was found in PHPGurukul e-Diary Management System 1.0. It has been classified as critical. This affects an unknown part of the file /password-recovery.php. The manipulation of the argument username/contactno leads to sql injection. It is possible to initiate the attack remotely. • https://github.com/rookiekuan/CVE/issues/1 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2025-3213 – PHPGurukul e-Diary Management System view-note.php sql injection
https://notcve.org/view.php?id=CVE-2025-3213
04 Apr 2025 — A vulnerability classified as critical was found in PHPGurukul e-Diary Management System 1.0. This vulnerability affects unknown code of the file /view-note.php?noteid=11. The manipulation of the argument remark leads to sql injection. The attack can be initiated remotely. • https://github.com/lyg986443/cve/issues/2 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2025-3188 – PHPGurukul e-Diary Management System add-notes.php sql injection
https://notcve.org/view.php?id=CVE-2025-3188
04 Apr 2025 — A vulnerability classified as critical has been found in PHPGurukul e-Diary Management System 1.0. This affects an unknown part of the file /add-notes.php. The manipulation of the argument Category leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/TiggerT/MyCVE/issues/2 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2025-3187 – PHPGurukul e-Diary Management System login.php sql injection
https://notcve.org/view.php?id=CVE-2025-3187
04 Apr 2025 — A vulnerability was found in PHPGurukul e-Diary Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /login.php. The manipulation of the argument logindetail leads to sql injection. The attack may be launched remotely. • https://github.com/TiggerT/MyCVE/issues/1 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2025-3006 – PHPGurukul e-Diary Management System edit-category.php sql injection
https://notcve.org/view.php?id=CVE-2025-3006
31 Mar 2025 — A vulnerability was found in PHPGurukul e-Diary Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /edit-category.php?id=8. The manipulation of the argument Category leads to sql injection. • https://github.com/yasuoz99/CVE-/issues/1 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.1EPSS: 41%CPEs: 1EXPL: 2CVE-2022-29004
https://notcve.org/view.php?id=CVE-2022-29004
23 May 2022 — Diary Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the Name parameter in search-result.php. Se ha detectado que Diary Management System versión v1.0, contiene una vulnerabilidad de tipo cross-site scripting (XSS) por medio del parámetro Name en el archivo search-result.php • https://github.com/sudoninja-noob/CVE-2022-29004 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •