CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-54811
https://notcve.org/view.php?id=CVE-2024-54811
12 Dec 2024 — A SQL injection vulnerability in /index.php in PHPGurukul Park Ticketing Management System v1.0 allows an attacker to execute arbitrary SQL commands via the "login" parameter. • https://github.com/Santoshcyber1/CVE-wirteup/blob/main/Phpgurukul/Park%20ticket/report%20sql.pdf • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-26958
https://notcve.org/view.php?id=CVE-2023-26958
27 Mar 2023 — Phpgurukul Park Ticketing Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via the Admin Name parameter. • https://medium.com/%40shiva.infocop/stored-xss-park-ticketing-management-system-phpgurukul-893583dc2e20 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-26959
https://notcve.org/view.php?id=CVE-2023-26959
27 Mar 2023 — Phpgurukul Park Ticketing Management System 1.0 is vulnerable to SQL Injection via the User Name parameter. • https://medium.com/%40shiva.infocop/authentication-bypass-park-ticketing-management-system-phpgurukul-427045159c05 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •