PHPGurukul


Products by PHPGurukul Sorted by Most Security Vulnerabilities since 2018

PHPGurukul Land Record System: 25 vulnerabilities
PHPGurukul Boat Booking System: 18 vulnerabilities
PHPGurukul Small Crm: 17 vulnerabilities
PHPGurukul News Portal Project: 14 vulnerabilities
PHPGurukul News Portal: 13 vulnerabilities
PHPGurukul Job Portal: 12 vulnerabilities
PHPGurukul Car Rental Portal: 5 vulnerabilities
PHPGurukul Ifsc Code Finder: 4 vulnerabilities

By the Year

In 2026 there have been 37 vulnerabilities in PHPGurukul with an average score of 6.1 out of ten. Last year, in 2025, PHPGurukul had 586 security vulnerabilities published. Right now, PHPGurukul is on track to have fewer security vulnerabilities in 2026 than it did last year. Last year, the average CVE base score was greater by 2.53.




Year Vulnerabilities Average Score
2026 37 6.07
2025 586 8.60
2024 216 7.46
2023 107 7.03
2022 42 7.74
2021 43 7.40
2020 21 7.81

It may take a day or so for new PHPGurukul vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally, vulnerabilities may be tagged under a different product or component name.

Recent PHPGurukul Security Vulnerabilities

CVE Date Vulnerability Products
CVE-2026-5840 Apr 09, 2026
SQLi in PHPGurukul News Portal 4.1 via /admin/check_availability.php
A security flaw has been discovered in PHPGurukul News Portal Project 4.1. Impacted is an unknown function of the file /admin/check_availability.php. Performing a manipulation of the argument Username results in sql injection. Remote exploitation of the attack is possible. The exploit has been released to the public and may be used for attacks.
News Portal Project
CVE-2026-5839 Apr 09, 2026
SQL Injection in PHPGurukul News Portal 4.1 /admin/add-subcategory.php
A vulnerability was identified in PHPGurukul News Portal Project 4.1. This issue affects some unknown processing of the file /admin/add-subcategory.php. Such manipulation of the argument sucatdescription leads to sql injection. The attack may be launched remotely. The exploit is publicly available and might be used.
News Portal Project
CVE-2026-5838 Apr 09, 2026
SQL Injection in PHPGurukul News Portal 4.1 via /admin/add-subadmins.php
A vulnerability was determined in PHPGurukul News Portal Project 4.1. This vulnerability affects unknown code of the file /admin/add-subadmins.php. This manipulation of the argument sadminusername causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized.
News Portal Project
CVE-2026-5837 Apr 09, 2026
PHPGurukul News Portal 4.1 SQLi via /news-details.php Comment Arg
A vulnerability was found in PHPGurukul News Portal Project 4.1. This affects an unknown part of the file /news-details.php. The manipulation of the argument Comment results in sql injection. The attack can be launched remotely. The exploit has been made public and could be used.
News Portal Project
CVE-2026-5814 Apr 08, 2026
PHPGurukul Rec Reg 3.1 Remote SQLi via /admin/check_availability.php
A security vulnerability has been detected in PHPGurukul Online Course Registration 3.1. This issue affects some unknown processing of the file /admin/check_availability.php. The manipulation of the argument regno leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed publicly and may be used.
Online Course Registration
CVE-2026-5813 Apr 08, 2026
PHPGurukul OLCR 3.1 SQLi via cid in check_availability.php
A weakness has been identified in PHPGurukul Online Course Registration 3.1. This vulnerability affects unknown code of the file /check_availability.php. Executing a manipulation of the argument cid can lead to sql injection. It is possible to launch the attack remotely. The exploit has been made available to the public and could be used for attacks.
Online Course Registration
CVE-2026-5641 Apr 06, 2026
PHPGurukul OS P2.1 SQLi via /admin/update-image1.php Parameter Handler
A vulnerability was found in PHPGurukul Online Shopping Portal Project 2.1. The impacted element is an unknown function of the file /admin/update-image1.php of the component Parameter Handler. The manipulation of the argument filename results in sql injection. The attack may be performed from remote. The exploit has been made public and could be used.
Online Shopping Portal Project
CVE-2026-5640 Apr 06, 2026
SQLi in PHPGurukul 2.1 (admin/update-image2.php) via filename
A vulnerability has been found in PHPGurukul Online Shopping Portal Project 2.1. The affected element is an unknown function of the file /admin/update-image2.php of the component Parameter Handler. The manipulation of the argument filename leads to sql injection. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used.
Online Shopping Portal Project
CVE-2026-5639 Apr 06, 2026
SQL Injection in PHPGurukul 2.1 (admin/update-image3.php)
A flaw has been found in PHPGurukul Online Shopping Portal Project 2.1. Impacted is an unknown function of the file /admin/update-image3.php of the component Parameter Handler. Executing a manipulation of the argument filename can lead to sql injection. The attack can be executed remotely. The exploit has been published and may be used.
Online Shopping Portal Project
CVE-2026-5636 Apr 06, 2026
PHPGurukul 2.1: SQLi in cancelorder.php via Parameter Handler oid
A weakness has been identified in PHPGurukul Online Shopping Portal Project 2.1. This affects an unknown part of the file /cancelorder.php of the component Parameter Handler. This manipulation of the argument oid causes sql injection. The attack may be initiated remotely. The exploit has been made available to the public and could be used for attacks.
Online Shopping Portal Project
CVE-2026-5635 Apr 06, 2026
PHPGurukul 2.1 SQL Injection in /categorywise-products.php (cid)
A security flaw has been discovered in PHPGurukul Online Shopping Portal Project 2.1. Affected by this issue is some unknown functionality of the file /categorywise-products.php of the component Parameter Handler. The manipulation of the argument cid results in sql injection. The attack can be launched remotely. The exploit has been released to the public and may be used for attacks.
Online Shopping Portal Project
CVE-2026-5606 Apr 06, 2026
PHPGurukul Online Shopping Portal 2.1 SQLi via /order-details.php Param Hdlr
A security flaw has been discovered in PHPGurukul Online Shopping Portal Project 2.1. The affected element is an unknown function of the file /order-details.php of the component Parameter Handler. The manipulation of the argument orderid results in sql injection. It is possible to launch the attack remotely.
Online Shopping Portal Project
CVE-2026-5583 Apr 05, 2026
SQLi in PHPGurukul OSP 2.1 Parameter Handler via fullname (remote)
A security vulnerability has been detected in PHPGurukul Online Shopping Portal Project 2.1. This affects an unknown part of the file /my-profile.php of the component Parameter Handler. The manipulation of the argument fullname leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be used.
Online Shopping Portal Project
CVE-2026-5560 Apr 05, 2026
SQLi in PHPGurukul OSS Portal 2.1 - /payment-method.php Parameter Handler
A vulnerability was found in PHPGurukul Online Shopping Portal Project 2.1. The impacted element is an unknown function of the file /payment-method.php of the component Parameter Handler. Performing a manipulation of the argument paymethod results in sql injection. It is possible to initiate the attack remotely. The exploit has been made public and could be used.
Online Shopping Portal Project
CVE-2026-5558 Apr 05, 2026
SQLi in PHPGurukul Shop Portal 2.1: /pending-orders.php
A flaw has been found in PHPGurukul Online Shopping Portal Project up to 2.1. Impacted is an unknown function of the file /pending-orders.php of the component Parameter Handler. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely. The exploit has been published and may be used.
Online Shopping Portal Project
CVE-2026-5552 Apr 05, 2026
PHPGurukul 2.1 SQLi in Parameter Handler via pid in /sub-category.php
A weakness has been identified in PHPGurukul Online Shopping Portal Project 2.1. This issue affects some unknown processing of the file /sub-category.php of the component Parameter Handler. This manipulation of the argument pid causes sql injection. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be used for attacks.
Online Shopping Portal Project
CVE-2026-5543 Apr 05, 2026
PHPGurukul 3.3 SQLi in /admin/yesterday-reg-users.php
A vulnerability was identified in PHPGurukul User Registration & Login and User Management System 3.3. The affected element is an unknown function of the file /admin/yesterday-reg-users.php. The manipulation of the argument ID leads to sql injection. Remote exploitation of the attack is possible. The exploit is publicly available and might be used.
User Registration Login User Management System
CVE-2026-3403 Mar 02, 2026
CVE-2026-3403: XSS in PHPGurukul SRMS 1.0 via /edit-subject.php
A vulnerability was detected in PHPGurukul Student Record Management System 1.0. This issue affects some unknown processing of the file /edit-subject.php. Performing a manipulation of the argument Subject 1 results in cross site scripting. The attack is possible to be carried out remotely. The exploit is now public and may be used.
CVE-2026-3402 Mar 02, 2026
XSS in PHPGurukul Student Record Management System v1.0 (edit-course.php)
A security vulnerability has been detected in PHPGurukul Student Record Management System up to 1.0. This vulnerability affects unknown code of the file /edit-course.php. Such manipulation of the argument Course Short Name leads to cross site scripting. The attack can be executed remotely. The exploit has been disclosed publicly and may be used.
CVE-2025-70062 Feb 18, 2026
CSRF in PHPGurukul HMS 4.0 Add Doctor module
PHPGurukul Hospital Management System v4.0 contains a Cross-Site Request Forgery (CSRF) vulnerability in the 'Add Doctor' module. The application fails to enforce CSRF token validation on the add-doctor.php endpoint. This allows remote attackers to create arbitrary Doctor accounts (privileged users) by tricking an authenticated administrator into visiting a malicious page.
Hospital Management System
CVE-2026-2179 Feb 08, 2026
SQLi via ID param in PHPGurukul HM 4.0 manage-users.php
A vulnerability was determined in PHPGurukul Hospital Management System 4.0. This impacts an unknown function of the file /admin/manage-users.php. This manipulation of the argument ID causes sql injection. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized.
Hospital Management System
CVE-2026-2134 Feb 08, 2026
SQLi via ID in PHPGurukul HMS 4.0 manage-doctors.php
A security vulnerability has been detected in PHPGurukul Hospital Management System 4.0. The affected element is an unknown function of the file /hms/admin/manage-doctors.php. Such manipulation of the argument ID leads to sql injection. The attack may be performed from remote. The exploit has been disclosed publicly and may be used.
Hospital Management System
CVE-2026-2088 Feb 07, 2026
SQLi in PHPGurukul Beauty Parlour 1.1 /admin/accepted-appointment.php
A vulnerability has been found in PHPGurukul Beauty Parlour Management System 1.1. This affects an unknown part of the file /admin/accepted-appointment.php. Such manipulation of the argument delid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Beauty Parlour Management System
CVE-2026-1550 Jan 28, 2026
PHPGurukul HMS 1.0 Admin Dashboard Improper Auth Remote Exploit
A security flaw has been discovered in PHPGurukul Hospital Management System 1.0. Affected by this issue is some unknown functionality of the file /hms/hospital/docappsystem/adminviews.py of the component Admin Dashboard Page. Performing a manipulation results in improper authorization. Remote exploitation of the attack is possible. The exploit has been released to the public and may be used for attacks.
Hospital Management System
CVE-2026-1424 Jan 26, 2026
PHPGurukul News Portal 1.0 - Unrestricted File Upload via Profile Pic Handler
A vulnerability was identified in PHPGurukul News Portal 1.0. This affects an unknown part of the component Profile Pic Handler. The manipulation leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit is publicly available and might be used.
News Portal
CVE-2026-1160 Jan 19, 2026
SQLi via Searchdata in PHPGurukul DirMS 1.0 index.php
A security vulnerability has been detected in PHPGurukul Directory Management System 1.0. Impacted is an unknown function of the file /index.php of the component Search. The manipulation of the argument searchdata leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used.
Directory Management System
CVE-2026-1142 Jan 19, 2026
XSRF via unknown function in PHPGurukul News Portal 1.0
A security flaw has been discovered in PHPGurukul News Portal 1.0. The impacted element is an unknown function. Performing a manipulation results in cross-site request forgery. The attack may be initiated remotely. The exploit has been released to the public and may be used for attacks.
News Portal
CVE-2026-1141 Jan 19, 2026
PHPGurukul 1.0 Add Sub-Admin Page Improper Auth (Remote)
A vulnerability was identified in PHPGurukul News Portal 1.0. The affected element is an unknown function of the file /admin/add-subadmins.php of the component Add Sub-Admin Page. Such manipulation leads to improper authorization. The attack can be launched remotely. The exploit is publicly available and might be used.
News Portal
CVE-2025-70891 Jan 15, 2026
XSS in Phpgurukul Cyber Cafe Mgmt Sys v1.0 User Management
A stored cross-site scripting (XSS) vulnerability exists in Phpgurukul Cyber Cafe Management System v1.0 within the user management module. The application does not properly sanitize or encode user-supplied input submitted via the uadd parameter in the add-users.php endpoint. An authenticated attacker can inject arbitrary JavaScript code that is persistently stored in the database. The malicious payload is triggered when a privileged user clicks the View button on the view-allusers.php page.
Cyber Cafe Management System
CVE-2025-69990 Jan 13, 2026
phpgurukul News Portal V4.1 Arbitrary File Deletion via remove_file.php
phpgurukul News Portal Project V4.1 has an Arbitrary File Deletion Vulnerability in remove_file.php. The parameter file can cause any file to be deleted.
News Portal
CVE-2025-69991 Jan 13, 2026
SQLi in phpgurukul News Portal v4.1 check_availablity.php
phpgurukul News Portal Project V4.1 is vulnerable to SQL Injection in check_availablity.php.
News Portal Project
CVE-2025-69992 Jan 13, 2026
File Upload Vulnerability in phpgurukul News Portal 4.1 via upload.php
phpgurukul News Portal Project V4.1 has File Upload Vulnerability via upload.php, which enables the upload of files of any format to the server without identity authentication.
News Portal Project
CVE-2026-0803 Jan 09, 2026
SQLi in PHPGurukul ORRS enroll.php <=3.1
A vulnerability was found in PHPGurukul Online Course Registration System up to 3.1. This affects an unknown part of the file /enroll.php. The manipulation of the argument studentregno/Pincode/session/department/level/course/sem results in sql injection. The attack may be launched remotely. The exploit has been made public and could be used.
Online Course Registration System
CVE-2026-0733 Jan 08, 2026
SQLi in PHPGurukul Online Course Reg System <=3.1 via /admin/manage-students.php
A vulnerability was determined in PHPGurukul Online Course Registration System up to 3.1. This impacts an unknown function of the file /onlinecourse/admin/manage-students.php. This manipulation of the argument id/cid causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized.
Online Course Registration System
CVE-2026-0730 Jan 08, 2026
CVE-2026-0730 PHPGurukul SLMS 1.0 XSS via SVG File Handler
A flaw has been found in PHPGurukul Staff Leave Management System 1.0. The affected element is the function ADD_STAFF/UPDATE_STAFF of the file /staffleave/slms/slms/adminviews.py of the component SVG File Handler. Executing a manipulation of the argument profile_pic can lead to cross site scripting. The attack can be executed remotely. The exploit has been published and may be used.
Staff Leave Management System
CVE-2026-0547 Jan 02, 2026
PHPGurukul 3.1: Unrestricted File Upload via /admin/edit-student-profile.php
A vulnerability was found in PHPGurukul Online Course Registration up to 3.1. This issue affects some unknown processing of the file /admin/edit-student-profile.php of the component Student Registration Page. The manipulation of the argument photo results in unrestricted upload. The attack may be launched remotely. The exploit has been made public and could be used.
Online Course Registration
CVE-2025-15406 Jan 01, 2026
Missing Authorization in PHPGurukul OR v3.1 and earlier
A flaw has been found in PHPGurukul Online Course Registration up to 3.1. This affects an unknown function. This manipulation causes missing authorization. Remote exploitation of the attack is possible. The exploit has been published and may be used.
Online Course Registration
CVE-2025-15390 Dec 31, 2025
A security flaw has been discovered in PHPGurukul Small CRM 4.0
A security flaw has been discovered in PHPGurukul Small CRM 4.0. This impacts an unknown function of the file /admin/edit-user.php. The manipulation results in missing authorization. It is possible to launch the attack remotely. The exploit has been released to the public and may be used for attacks.
Small Crm
CVE-2025-65647 Nov 25, 2025
CVE-2025-65647: IDOR in Track Order (PHPGURUKUL OS Portal 2.1)
Insecure Direct Object Reference (IDOR) in the Track order function in PHPGURUKUL Online Shopping Portal 2.1 allows information disclosure via the oid parameter.
Online Shopping Portal
CVE-2025-13577 Nov 24, 2025
XSS in PHPGurukul 2.1 register-complaint.php via cdetails
A flaw has been found in PHPGurukul Hostel Management System 2.1. The impacted element is an unknown function of the file /register-complaint.php. Executing a manipulation of the argument cdetails can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been published and may be used.
Hostel Management System
CVE-2025-63955 Nov 18, 2025
CSRF in PHPGurukul SRS v3.2 manage-students.php Enables Auth Admin Deletion
A Cross-Site Request Forgery (CSRF) vulnerability in the manage-students.php component of PHPGurukul Student Record System v3.2 allows an attacker to trick an authenticated administrator into submitting a forged request. This leads to the unauthorized deletion of user accounts, causing a Denial of Service (DoS).
Student Record System
CVE-2024-44660 Nov 17, 2025
PHPGurukul Online Shopping Portal 2.0 SQL Injection via login.php
PHPGurukul Online Shopping Portal 2.0 is vulnerable to SQL Injection via the fullname, emailid, and contactno parameters in login.php.
Online Shopping Portal
CVE-2024-44648 Nov 17, 2025
PHPGurukul Small CRM 3.0 SQLi via id/adminremark in quote-details.php
PHPGurukul Small CRM 3.0 is vulnerable to SQL Injection via id and adminremark parameters in quote-details.php.
Small Crm
CVE-2024-44644 Nov 17, 2025
SQLi in PHPGurukul Small CRM 3.0 via manage-tickets.php
PHPGurukul Small CRM 3.0 is vulnerable to SQL Injection via the frm_id and aremark parameters in manage-tickets.php.
Small Crm
CVE-2024-44641 Nov 17, 2025
SQLi in PHPGurukul Small CRM 3.0 via oldpass in change-password.php
PHPGurukul Small CRM 3.0 is vulnerable to SQL Injection via the oldpass parameter in change-password.php.
Small Crm
CVE-2024-44657 Nov 17, 2025
SQLI via fromdate & todate in PHPGurukul CMS 2.0
PHPGurukul Complaint Management System 2.0 is vulnerable to SQL Injection via the fromdate and todate parameters in between-date-userreport.php.
Complaint Management System
CVE-2024-46335 Nov 17, 2025
PHPGurukul CMS 2.0 XSS via fromdate/todate in between-date-userreport.php
PHPGurukul Complaint Management System 2.0 is vulnerable to Cross Site Scripting (XSS) via the fromdate and todate parameters in between-date-userreport.php.
Complaint Management System
CVE-2024-44663 Nov 17, 2025
SQL Injection in PHPGurukul Online Shopping Portal 2.0 - search-result.php
PHPGurukul Online Shopping Portal 2.0 is vulnerable to SQL Injection via the product parameter in search-result.php.
Online Shopping Portal
CVE-2024-44658 Nov 17, 2025
PHPGurukul Complaint Management System 2.0 SQLi via subcategory.php
PHPGurukul Complaint Management System 2.0 is vulnerable to SQL Injection via the subcategory and category parameters in subcategory.php.
Complaint Management System
CVE-2024-44664 Nov 17, 2025
PHPGurukul 2.0: SQLi via product-details.php
PHPGurukul Online Shopping Portal 2.0 is vulnerable to SQL Injection via the name, summary, review, quality, price, and value parameters in product-details.php.
Online Shopping Portal
Built by Foundeo Inc., with data from the National Vulnerability Database (NVD).