Filtered by vendor Phpgurukul
Subscribe
Total
903 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-12429 | 1 Phpgurukul | 1 Online Course Registration | 2020-05-05 | 7.5 HIGH | 9.8 CRITICAL |
| Online Course Registration 2.0 has multiple SQL injections that would can lead to a complete database compromise and authentication bypass in the login pages: admin/change-password.php, admin/check_availability.php, admin/index.php, change-password.php, check_availability.php, includes/header.php, index.php, and pincode-verification.php. | |||||
| CVE-2020-10106 | 1 Phpgurukul | 1 Daily Expense Tracker System | 2020-03-06 | 7.5 HIGH | 9.8 CRITICAL |
| PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to SQL injection, as demonstrated by the email parameter in index.php or register.php. The SQL injection allows to dump the MySQL database and to bypass the login prompt. | |||||
| CVE-2020-10107 | 1 Phpgurukul | 1 Daily Expense Tracker System | 2020-03-05 | 3.5 LOW | 5.4 MEDIUM |
| PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to stored XSS, as demonstrated by the ExpenseItem or ExpenseCost parameter in manage-expense.php. | |||||