Anujk305 Medical Card Generation System
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Anujk305 Medical Card Generation System.
By the Year
In 2026 there have been 0 vulnerabilities in Anujk305 Medical Card Generation System. Last year, in 2025 Medical Card Generation System had 6 security vulnerabilities published. Right now, Medical Card Generation System is on track to have less security vulnerabilities in 2026 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 6 | 5.10 |
| 2024 | 2 | 6.00 |
It may take a day or so for new Medical Card Generation System vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Anujk305 Medical Card Generation System Security Vulnerabilities
CSRF: Authenticated DELETE via GET in Phpgurukul MCGS 1.0 readenq.php
CVE-2025-50370
- June 27, 2025
A Cross-Site Request Forgery (CSRF) vulnerability exists in the Inquiry Management functionality /mcgs/admin/readenq.php of the Phpgurukul Medical Card Generation System 1.0. The vulnerable endpoint allows an authenticated admin to delete inquiry records via a simple GET request, without requiring a CSRF token or validating the origin of the request.
CSRF in PHPGurukul Medical Card Gen Sys 1.0 – /mcgs/admin/manage-card.php
CVE-2025-50369
- June 27, 2025
A Cross-Site Request Forgery (CSRF) vulnerability exists in the Manage Card functionality (/mcgs/admin/manage-card.php) of PHPGurukul Medical Card Generation System 1.0. The vulnerable endpoint allows an authorized admin to delete medical card records by sending a simple GET request without verifying the origin of the request.
Blind XSS in mcgs/contact.php of Phpgurukul Medical Card Generation System 1.0
CVE-2025-50367
- June 27, 2025
A stored blind XSS vulnerability exists in the Contact Page of the Phpgurukul Medical Card Generation System 1.0 mcgs/contact.php. The name field fails to properly sanitize user input, allowing an attacker to inject malicious JavaScript.
XSS in PHPGURUKUL Medical Card Gen System v1.0 /admin/card-bwdates-report.php
CVE-2024-51108
5.4 - Medium
- May 23, 2025
Multiple stored cross-site scripting (XSS) vulnerabilities in the component /admin/card-bwdates-report.php of PHPGURUKUL Medical Card Generation System using PHP and MySQL v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the fromdate and todate parameters.
XSS
XSS in PHPGURUKUL Card Gen 1.0 – /mcgs/admin/contactus.php via params
CVE-2024-51107
4.8 - Medium
- May 23, 2025
Multiple stored cross-site scripting (XSS) vulnerabilities in the component /mcgs/admin/contactus.php of PHPGURUKUL Medical Card Generation System using PHP and MySQL v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the pagetitle, pagedes, and email parameters.
XSS
XSS in PHPGURUKUL Med Card Gen System v1.0 admin/aboutus.php
CVE-2024-51106
- May 19, 2025
A cross-site scripting (XSS) vulnerability in the component mcgs/admin/aboutus.php of PHPGURUKUL Medical Card Generation System using PHP and MySQL v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the pagetitle parameter.
PhpGurukul Medical Card Generation System: Cross-Site Scripting (XSS) Vulnerability in search-medica
CVE-2024-48703
4.8 - Medium
- December 06, 2024
PhpGurukul Medical Card Generation System v1.0 is vulnerable to Cross Site Scripting (XSS) in /admin/search-medicalcard.php via the searchdata parameter.
XSS
PHPGurukul MedicCardGen 1.0: /admin/changeimage.php SQLi via editid
CVE-2024-10297
7.2 - High
- October 23, 2024
A vulnerability was found in PHPGurukul Medical Card Generation System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/changeimage.php of the component Managecard Edit Image Page. The manipulation of the argument editid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Anujk305 Medical Card Generation System or by Anujk305? Click the Watch button to subscribe.
