Phpgurukul
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in any Phpgurukul product.
RSS Feeds for Phpgurukul security vulnerabilities
Create a CVE RSS feed including security vulnerabilities found in Phpgurukul products with stack.watch. Just hit watch, then grab your custom RSS feed url.
Products by Phpgurukul Sorted by Most Security Vulnerabilities since 2018
By the Year
In 2025 there have been 405 vulnerabilities in Phpgurukul with an average score of 9.1 out of ten. Last year, in 2024 Phpgurukul had 212 security vulnerabilities published. That is, 193 more vulnerabilities have already been reported in 2025 as compared to last year. However, the average CVE base score of the vulnerabilities in 2025 is greater by 1.67.
Year | Vulnerabilities | Average Score |
---|---|---|
2025 | 405 | 9.15 |
2024 | 212 | 7.48 |
2023 | 104 | 7.03 |
2022 | 42 | 7.74 |
2021 | 43 | 7.40 |
2020 | 21 | 8.00 |
2019 | 0 | 0.00 |
2018 | 0 | 0.00 |
It may take a day or so for new Phpgurukul vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Phpgurukul Security Vulnerabilities
A vulnerability classified as critical was found in PHPGurukul Local Services Search Engine Management System 2.1
CVE-2025-6863
9.8 - Critical
- June 29, 2025
A vulnerability classified as critical was found in PHPGurukul Local Services Search Engine Management System 2.1. Affected by this vulnerability is an unknown functionality of the file /admin/edit-category-detail.php. The manipulation of the argument editid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
PHPGurukul Pre-School Enrollment System Project v1.0 is vulnerable to Directory Traversal in manage-classes.php.
CVE-2025-50350
- June 26, 2025
PHPGurukul Pre-School Enrollment System Project v1.0 is vulnerable to Directory Traversal in manage-classes.php.
A SQL injection vulnerability was discovered in the PHPGurukul Dairy Farm Shop Management System 1.3
CVE-2025-51671
- June 26, 2025
A SQL injection vulnerability was discovered in the PHPGurukul Dairy Farm Shop Management System 1.3. The vulnerability allows remote attackers to execute arbitrary SQL code via the category and categorycode parameters in a POST request to the manage-categories.php file.
A time-based blind SQL injection vulnerability was identified in the PHPGurukul Dairy Farm Shop Management System 1.3
CVE-2025-51672
- June 26, 2025
A time-based blind SQL injection vulnerability was identified in the PHPGurukul Dairy Farm Shop Management System 1.3. The vulnerability exists in the manage-companies.php file and allows remote attackers to execute arbitrary SQL code via the companyname parameter in a POST request.
SQL Injection vulnerability in Student Record system Using PHP and MySQL v.3.20
CVE-2024-27685
- June 25, 2025
SQL Injection vulnerability in Student Record system Using PHP and MySQL v.3.20 allows a remote attacker to obtain sensitive information via a crafted payload to the $cshortname, $cfullname, and $cdate variables.
PHPGurukul Online DJ Booking Management System 2.0 is vulnerable to Insecure Direct Object Reference (IDOR) in odms/request-details.php.
CVE-2025-50693
- June 24, 2025
PHPGurukul Online DJ Booking Management System 2.0 is vulnerable to Insecure Direct Object Reference (IDOR) in odms/request-details.php.
Insecure Direct Object Reference / IDOR
PHPGurukul Online DJ Booking Management System 2.0 is vulnerable to Cross Site Scripting (XSS) in /admin/view-booking-detail.php and /admin/invoice-generating.php.
CVE-2025-50695
- June 24, 2025
PHPGurukul Online DJ Booking Management System 2.0 is vulnerable to Cross Site Scripting (XSS) in /admin/view-booking-detail.php and /admin/invoice-generating.php.
PHPGurukul Pre-School Enrollment System Project V1.0 is vulnerable to Directory Traversal in update-class-pic.php.
CVE-2025-50348
- June 23, 2025
PHPGurukul Pre-School Enrollment System Project V1.0 is vulnerable to Directory Traversal in update-class-pic.php.
PHPGurukul Pre-School Enrollment System Project V1.0 is vulnerable to Directory Traversal in update-teacher-pic.php.
CVE-2025-50349
- June 23, 2025
PHPGurukul Pre-School Enrollment System Project V1.0 is vulnerable to Directory Traversal in update-teacher-pic.php.
A vulnerability has been found in PHPGurukul Art Gallery Management System 1.1 and classified as critical
CVE-2025-6417
8.8 - High
- June 21, 2025
A vulnerability has been found in PHPGurukul Art Gallery Management System 1.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/add-artist.php. The manipulation of the argument awarddetails leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
A vulnerability, which was classified as critical, was found in PHPGurukul Art Gallery Management System 1.1
CVE-2025-6416
8.8 - High
- June 21, 2025
A vulnerability, which was classified as critical, was found in PHPGurukul Art Gallery Management System 1.1. Affected is an unknown function of the file /admin/changeimage4.php. The manipulation of the argument editid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
A vulnerability, which was classified as critical, has been found in PHPGurukul Art Gallery Management System 1.1
CVE-2025-6415
8.8 - High
- June 21, 2025
A vulnerability, which was classified as critical, has been found in PHPGurukul Art Gallery Management System 1.1. This issue affects some unknown processing of the file /admin/changeimage3.php. The manipulation of the argument editid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
A vulnerability classified as critical was found in PHPGurukul Art Gallery Management System 1.1
CVE-2025-6414
8.8 - High
- June 21, 2025
A vulnerability classified as critical was found in PHPGurukul Art Gallery Management System 1.1. This vulnerability affects unknown code of the file /admin/changeimage2.php. The manipulation of the argument editid leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
A vulnerability classified as critical has been found in PHPGurukul Art Gallery Management System 1.1
CVE-2025-6413
8.8 - High
- June 21, 2025
A vulnerability classified as critical has been found in PHPGurukul Art Gallery Management System 1.1. This affects an unknown part of the file /admin/changeimage1.php. The manipulation of the argument editid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
A vulnerability was found in PHPGurukul Art Gallery Management System 1.1
CVE-2025-6412
8.8 - High
- June 21, 2025
A vulnerability was found in PHPGurukul Art Gallery Management System 1.1. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/changeimage.php. The manipulation of the argument editid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
A vulnerability was found in PHPGurukul Art Gallery Management System 1.1
CVE-2025-6411
8.8 - High
- June 21, 2025
A vulnerability was found in PHPGurukul Art Gallery Management System 1.1. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/changepropic.php. The manipulation of the argument imageid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
A vulnerability was found in PHPGurukul Art Gallery Management System 1.1
CVE-2025-6410
8.8 - High
- June 21, 2025
A vulnerability was found in PHPGurukul Art Gallery Management System 1.1. It has been classified as critical. Affected is an unknown function of the file /admin/edit-art-medium-detail.php. The manipulation of the argument editid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
A vulnerability was found in PHPGurukul Art Gallery Management System 1.1 and classified as critical
CVE-2025-6409
9.8 - Critical
- June 21, 2025
A vulnerability was found in PHPGurukul Art Gallery Management System 1.1 and classified as critical. This issue affects some unknown processing of the file /admin/forgot-password.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
A vulnerability, which was classified as critical, was found in PHPGurukul Directory Management System 2.0
CVE-2025-6333
8.8 - High
- June 20, 2025
A vulnerability, which was classified as critical, was found in PHPGurukul Directory Management System 2.0. This affects an unknown part of the file /admin/admin-profile.php. The manipulation of the argument adminname leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
A vulnerability, which was classified as critical, has been found in PHPGurukul Directory Management System 2.0
CVE-2025-6332
8.8 - High
- June 20, 2025
A vulnerability, which was classified as critical, has been found in PHPGurukul Directory Management System 2.0. Affected by this issue is some unknown functionality of the file /admin/manage-directory.php. The manipulation of the argument del leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
A vulnerability classified as critical has been found in PHPGurukul Directory Management System 1.0
CVE-2025-6330
9.8 - Critical
- June 20, 2025
A vulnerability classified as critical has been found in PHPGurukul Directory Management System 1.0. Affected is an unknown function of the file /searchdata.php. The manipulation of the argument searchdata leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
A vulnerability classified as critical was found in PHPGurukul Directory Management System 1.0
CVE-2025-6331
8.8 - High
- June 20, 2025
A vulnerability classified as critical was found in PHPGurukul Directory Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/search-directory.php. The manipulation of the argument searchdata leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
A vulnerability was found in PHPGurukul Pre-School Enrollment System 1.0 and classified as critical
CVE-2025-6322
9.8 - Critical
- June 20, 2025
A vulnerability was found in PHPGurukul Pre-School Enrollment System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /visit.php. The manipulation of the argument gname leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
A vulnerability was found in PHPGurukul Pre-School Enrollment System 1.0
CVE-2025-6323
9.8 - Critical
- June 20, 2025
A vulnerability was found in PHPGurukul Pre-School Enrollment System 1.0. It has been classified as critical. This affects an unknown part of the file /enrollment.php. The manipulation of the argument fathername leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
SQL Injection
A vulnerability has been found in PHPGurukul Pre-School Enrollment System 1.0 and classified as critical
CVE-2025-6321
8.8 - High
- June 20, 2025
A vulnerability has been found in PHPGurukul Pre-School Enrollment System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/add-subadmin.php. The manipulation of the argument sadminusername leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
A vulnerability, which was classified as critical, was found in PHPGurukul Pre-School Enrollment System 1.0
CVE-2025-6320
8.8 - High
- June 20, 2025
A vulnerability, which was classified as critical, was found in PHPGurukul Pre-School Enrollment System 1.0. Affected is an unknown function of the file /admin/add-class.php. The manipulation of the argument classname leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
A vulnerability classified as critical was found in PHPGurukul Pre-School Enrollment System 1.0
CVE-2025-6318
9.8 - Critical
- June 20, 2025
A vulnerability classified as critical was found in PHPGurukul Pre-School Enrollment System 1.0. This vulnerability affects unknown code of the file /admin/check_availability.php. The manipulation of the argument Username leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
A vulnerability, which was classified as critical, has been found in PHPGurukul Pre-School Enrollment System 1.0
CVE-2025-6319
8.8 - High
- June 20, 2025
A vulnerability, which was classified as critical, has been found in PHPGurukul Pre-School Enrollment System 1.0. This issue affects some unknown processing of the file /admin/add-teacher.php. The manipulation of the argument tsubject leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
A vulnerability classified as critical has been found in PHPGurukul Emergency Ambulance Hiring Portal 1.0
CVE-2025-6308
8.8 - High
- June 20, 2025
A vulnerability classified as critical has been found in PHPGurukul Emergency Ambulance Hiring Portal 1.0. Affected is an unknown function of the file /admin/bwdates-request-report-details.php. The manipulation of the argument fromdate/todate leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
A vulnerability classified as critical was found in PHPGurukul Emergency Ambulance Hiring Portal 1.0
CVE-2025-6309
8.8 - High
- June 20, 2025
A vulnerability classified as critical was found in PHPGurukul Emergency Ambulance Hiring Portal 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/add-ambulance.php. The manipulation of the argument ambregnum leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
A vulnerability, which was classified as critical, has been found in PHPGurukul Emergency Ambulance Hiring Portal 1.0
CVE-2025-6310
9.8 - Critical
- June 20, 2025
A vulnerability, which was classified as critical, has been found in PHPGurukul Emergency Ambulance Hiring Portal 1.0. Affected by this issue is some unknown functionality of the file /index.php. The manipulation of the argument Message leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
SQL Injection
A vulnerability classified as critical was found in PHPGurukul Employee Record Management System 1.3
CVE-2025-6300
9.8 - Critical
- June 20, 2025
A vulnerability classified as critical was found in PHPGurukul Employee Record Management System 1.3. This vulnerability affects unknown code of the file /admin/editempeducation.php. The manipulation of the argument yopgra leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
A vulnerability classified as problematic was found in PHPGurukul COVID19 Testing Management System 1.0
CVE-2025-6287
5.4 - Medium
- June 20, 2025
A vulnerability classified as problematic was found in PHPGurukul COVID19 Testing Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /test-details.php of the component Take Action. The manipulation of the argument remark leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
XSS
A vulnerability was found in PHPGurukul COVID19 Testing Management System 2021
CVE-2025-6285
6.1 - Medium
- June 19, 2025
A vulnerability was found in PHPGurukul COVID19 Testing Management System 2021. It has been rated as problematic. This issue affects some unknown processing of the file /search-report-result.php. The manipulation of the argument q leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
XSS
A vulnerability classified as problematic has been found in PHPGurukul COVID19 Testing Management System 2021
CVE-2025-6286
6.1 - Medium
- June 19, 2025
A vulnerability classified as problematic has been found in PHPGurukul COVID19 Testing Management System 2021. Affected is an unknown function of the file /search-report-result.php. The manipulation of the argument q leads to open redirect. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Open Redirect
A vulnerability was found in PHPGurukul Car Rental Portal 3.0
CVE-2025-6284
4.3 - Medium
- June 19, 2025
A vulnerability was found in PHPGurukul Car Rental Portal 3.0. It has been declared as problematic. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Session Riding
A vulnerability was found in PHPGurukul Hostel Management System 1.0
CVE-2025-6155
9.8 - Critical
- June 17, 2025
A vulnerability was found in PHPGurukul Hostel Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /includes/login-hm.inc.php. The manipulation of the argument Username leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
A vulnerability was found in PHPGurukul Nipah Virus Testing Management System 1.0
CVE-2025-6157
9.8 - Critical
- June 17, 2025
A vulnerability was found in PHPGurukul Nipah Virus Testing Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /registered-user-testing.php. The manipulation of the argument testtype leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
A vulnerability was found in PHPGurukul Nipah Virus Testing Management System 1.0
CVE-2025-6156
8.8 - High
- June 17, 2025
A vulnerability was found in PHPGurukul Nipah Virus Testing Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /bwdates-report-ds.php. The manipulation of the argument testtype leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
A vulnerability was found in PHPGurukul Hostel Management System 1.0 and classified as critical
CVE-2025-6154
9.8 - Critical
- June 17, 2025
A vulnerability was found in PHPGurukul Hostel Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /includes/login.inc.php. The manipulation of the argument student_roll_no leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
A vulnerability has been found in PHPGurukul Hostel Management System 1.0 and classified as critical
CVE-2025-6153
9.8 - Critical
- June 17, 2025
A vulnerability has been found in PHPGurukul Hostel Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/students.php. The manipulation of the argument search_box leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
A vulnerability was found in PHPGurukul Nipah Virus Testing Management System 1.0
CVE-2025-6127
5.4 - Medium
- June 16, 2025
A vulnerability was found in PHPGurukul Nipah Virus Testing Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /search-report.php. The manipulation of the argument serachdata leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
XSS
A vulnerability was found in PHPGurukul Rail Pass Management System 1.0
CVE-2025-6126
5.4 - Medium
- June 16, 2025
A vulnerability was found in PHPGurukul Rail Pass Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /contact.php. The manipulation of the argument Name leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
XSS
A vulnerability was found in PHPGurukul Rail Pass Management System 1.0
CVE-2025-6125
5.4 - Medium
- June 16, 2025
A vulnerability was found in PHPGurukul Rail Pass Management System 1.0. It has been classified as problematic. Affected is an unknown function of the file /admin/aboutus.php. The manipulation of the argument pagedes leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
XSS
A vulnerability has been found in PHPGurukul Rail Pass Management System 1.0 and classified as problematic
CVE-2025-5976
5.4 - Medium
- June 10, 2025
A vulnerability has been found in PHPGurukul Rail Pass Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /admin/add-pass.php. The manipulation of the argument fullname leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
XSS
A vulnerability, which was classified as problematic, was found in PHPGurukul Rail Pass Management System 1.0
CVE-2025-5975
6.1 - Medium
- June 10, 2025
A vulnerability, which was classified as problematic, was found in PHPGurukul Rail Pass Management System 1.0. This affects an unknown part of the file /rpms/download-pass.php. The manipulation of the argument searchdata leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
XSS
A vulnerability, which was classified as problematic, has been found in PHPGurukul Restaurant Table Booking System 1.0
CVE-2025-5974
5.4 - Medium
- June 10, 2025
A vulnerability, which was classified as problematic, has been found in PHPGurukul Restaurant Table Booking System 1.0. Affected by this issue is some unknown functionality of the file /check-status.php. The manipulation of the argument searchdata leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
XSS
A vulnerability classified as problematic has been found in PHPGurukul Restaurant Table Booking System 1.0
CVE-2025-5972
5.4 - Medium
- June 10, 2025
A vulnerability classified as problematic has been found in PHPGurukul Restaurant Table Booking System 1.0. Affected is an unknown function of the file /admin/manage-subadmins.php. The manipulation of the argument fullname leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
XSS
A vulnerability classified as problematic was found in PHPGurukul Restaurant Table Booking System 1.0
CVE-2025-5973
5.4 - Medium
- June 10, 2025
A vulnerability classified as problematic was found in PHPGurukul Restaurant Table Booking System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/add-table.php. The manipulation of the argument tableno leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
XSS
A vulnerability was found in PHPGurukul Restaurant Table Booking System 1.0 and classified as problematic
CVE-2025-5970
5.4 - Medium
- June 10, 2025
A vulnerability was found in PHPGurukul Restaurant Table Booking System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /admin/add-subadmin.php. The manipulation of the argument fullname leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
XSS