CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2025-3138 – PHPGurukul Online Security Guards Hiring System edit-guard-detail.php sql injection
https://notcve.org/view.php?id=CVE-2025-3138
03 Apr 2025 — A vulnerability has been found in PHPGurukul Online Security Guards Hiring System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/edit-guard-detail.php. The manipulation of the argument editid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/ARPANET-cybersecurity/vuldb/issues/3 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2025-3137 – PHPGurukul Online Security Guards Hiring System changeimage.php sql injection
https://notcve.org/view.php?id=CVE-2025-3137
03 Apr 2025 — A vulnerability, which was classified as critical, was found in PHPGurukul Online Security Guards Hiring System 1.0. Affected is an unknown function of the file /admin/changeimage.php. The manipulation of the argument editid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/ARPANET-cybersecurity/vuldb/issues/2 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2025-2665 – PHPGurukul Online Security Guards Hiring System bwdates-reports-details.php sql injection
https://notcve.org/view.php?id=CVE-2025-2665
23 Mar 2025 — A vulnerability was found in PHPGurukul Online Security Guards Hiring System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/bwdates-reports-details.php. The manipulation of the argument fromdate/todate leads to sql injection. It is possible to initiate the attack remotely. • https://github.com/i-Corner/cve/issues/1 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2025-2658 – PHPGurukul Online Security Guards Hiring System search-request.php sql injection
https://notcve.org/view.php?id=CVE-2025-2658
23 Mar 2025 — A vulnerability, which was classified as critical, has been found in PHPGurukul Online Security Guards Hiring System 1.0. Affected by this issue is some unknown functionality of the file /search-request.php. The manipulation of the argument searchdata leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/zyb26252/CVE/issues/1 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2023-39551
https://notcve.org/view.php?id=CVE-2023-39551
04 Aug 2023 — PHPGurukul Online Security Guards Hiring System v.1.0 is vulnerable to SQL Injection via osghs/admin/search.php. • https://github.com/Trinity-SYT-SECURITY/XSS_vuln_issue/blob/main/Online%20Security%20Guards%20Hiring%20System%201.0.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 1CVE-2023-36936
https://notcve.org/view.php?id=CVE-2023-36936
10 Jul 2023 — Cross-Site Scripting (XSS) vulnerability in PHPGurukul Online Security Guards Hiring System using PHP and MySQL 1.0 allows attackers to execute arbitrary code via a crafted payload to the search booking box. • https://medium.com/%40ridheshgohil1092/cve-2023-36936-xss-online-security-guards-hiring-system-773f394f6117 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 7%CPEs: 1EXPL: 3CVE-2023-0527 – PHPGurukul Online Security Guards Hiring System search-request.php cross site scripting
https://notcve.org/view.php?id=CVE-2023-0527
27 Jan 2023 — A vulnerability was found in PHPGurukul Online Security Guards Hiring System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file search-request.php. The manipulation of the argument searchdata with the input "><script>alert(document.domain)</script> leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. • https://packetstorm.news/files/id/172667 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •