PHPGurukul Complaint Management System
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in PHPGurukul Complaint Management System.
By the Year
In 2026 there have been 0 vulnerabilities in PHPGurukul Complaint Management System. Last year, in 2025 Complaint Management System had 17 security vulnerabilities published. Right now, Complaint Management System is on track to have less security vulnerabilities in 2026 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 17 | 7.58 |
| 2024 | 9 | 9.80 |
It may take a day or so for new Complaint Management System vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent PHPGurukul Complaint Management System Security Vulnerabilities
CVE-2024-44654: SQL Injection in PHPGurukul CMS 2.0 reset-password.php
CVE-2024-44654
6.5 - Medium
- November 17, 2025
PHPGurukul Complaint Management System 2.0 is vulnerable to SQL Injection via the email and mobileno parameters in reset-password.php.
SQL Injection
XSS in PHPGurukul CMS 2.0 via search param in user-search.php
CVE-2024-44655
6.1 - Medium
- November 17, 2025
PHPGurukul Complaint Management System 2.0 is vulnerable to Cross Site Scripting (XSS) via the search parameter in user-search.php.
XSS
PHPGurukul Complaint Management System 2.0 SQLi via subcategory.php
CVE-2024-44658
6.5 - Medium
- November 17, 2025
PHPGurukul Complaint Management System 2.0 is vulnerable to SQL Injection via the subcategory and category parameters in subcategory.php.
SQL Injection
PHPGurukul CMS 2.0 XSS via fromdate/todate in between-date-userreport.php
CVE-2024-46335
4.6 - Medium
- November 17, 2025
PHPGurukul Complaint Management System 2.0 is vulnerble to Cross Site Scripting (XSS) via the fromdate and todate parameters in between-date-userreport.php.
XSS
SQLI via fromdate & todate in PHPGurukul CMS 2.0
CVE-2024-44657
6.5 - Medium
- November 17, 2025
PHPGurukul Complaint Management System 2.0 is vulnerable to SQL Injection via the fromdate and todate parameters in between-date-userreport.php.
SQL Injection
CSRF via remote function in PHPGurukul Complaint Mgmt Sys 2.0
CVE-2025-7834
4.3 - Medium
- July 19, 2025
A vulnerability, which was classified as problematic, was found in PHPGurukul Complaint Management System 2.0. Affected is an unknown function. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Session Riding
XSS via /admin/complaint-search.php in PHPGurukul Complaint Management System 2.0
CVE-2025-7802
5.4 - Medium
- July 18, 2025
A vulnerability was found in PHPGurukul Complaint Management System 2.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /admin/complaint-search.php. The manipulation of the argument Search leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
XSS
PHPGurukul CMS 2.0: SQLi via Status in /admin/updatecomplaint.php
CVE-2025-5658
8.8 - High
- June 05, 2025
A vulnerability classified as critical has been found in PHPGurukul Complaint Management System 2.0. Affected is an unknown function of the file /admin/updatecomplaint.php. The manipulation of the argument Status leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
CVE-2025-5659: PHPGurukul CMS 2.0 SQLi via /user/profile.php pincode
CVE-2025-5659
8.8 - High
- June 05, 2025
A vulnerability classified as critical was found in PHPGurukul Complaint Management System 2.0. Affected by this vulnerability is an unknown functionality of the file /user/profile.php. The manipulation of the argument pincode leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
PHPGurukul Complaint Mgmt Sys 2.0 – SQLi via 'noc' param
CVE-2025-5660
8.8 - High
- June 05, 2025
A vulnerability, which was classified as critical, has been found in PHPGurukul Complaint Management System 2.0. Affected by this issue is some unknown functionality of the file /user/register-complaint.php. The manipulation of the argument noc leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
PHPGurukul CM System 2.0 SQLi via /admin/manage-users.php
CVE-2025-5657
8.8 - High
- June 05, 2025
A vulnerability was found in PHPGurukul Complaint Management System 2.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/manage-users.php. The manipulation of the argument uid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
SQLi in PHPGurukul CMS 2.0 /admin/edit-category.php via desc arg
CVE-2025-5656
8.8 - High
- June 05, 2025
A vulnerability was found in PHPGurukul Complaint Management System 2.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/edit-category.php. The manipulation of the argument description leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
PHPGurukul CMS 2.0 SQLi via /admin/edit-subcategory.php (critical)
CVE-2025-5655
8.8 - High
- June 05, 2025
A vulnerability was found in PHPGurukul Complaint Management System 2.0. It has been classified as critical. This affects an unknown part of the file /admin/edit-subcategory.php. The manipulation of the argument subcategory leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
PHPGurukul Complaint Mgmt Sys 2.0 /admin/edit-state.php SQLi Remote
CVE-2025-5654
8.8 - High
- June 05, 2025
A vulnerability was found in PHPGurukul Complaint Management System 2.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/edit-state.php. The manipulation of the argument description leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
PHPGurukul CMS 2.0 – Critical SQLi via between-date-userreport.php
CVE-2025-5653
8.8 - High
- June 05, 2025
A vulnerability has been found in PHPGurukul Complaint Management System 2.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/between-date-userreport.php. The manipulation of the argument fromdate/todate leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
PHPGurukul CMS 2.0 – Remote SQLi via /admin/between-date-complaintreport.php
CVE-2025-5652
8.8 - High
- June 05, 2025
A vulnerability, which was classified as critical, was found in PHPGurukul Complaint Management System 2.0. Affected is an unknown function of the file /admin/between-date-complaintreport.php. The manipulation of the argument fromdate/todate leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
PHPGurukul CMS 2.0 - SQLi via mobilenumber in /admin/admin-profile.php (Remote)
CVE-2025-4761
9.8 - Critical
- May 16, 2025
A vulnerability has been found in PHPGurukul Complaint Management System 2.0 and classified as critical. This vulnerability affects unknown code of the file /admin/admin-profile.php. The manipulation of the argument mobilenumber leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
PHPGurukul Complaint Management System SQL Injection Vulnerability in category.php
CVE-2024-13004
9.8 - Critical
- December 29, 2024
A vulnerability classified as critical has been found in PHPGurukul Complaint Management System 1.0. This affects an unknown part of the file /admin/category.php. The manipulation of the argument state leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
PHPGurukul Complaint Management System SQL Injection Vulnerability in state.php
CVE-2024-12977
9.8 - Critical
- December 27, 2024
A vulnerability, which was classified as critical, was found in PHPGurukul Complaint Management System 1.0. This affects an unknown part of the file /admin/state.php. The manipulation of the argument state leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
Critical SQLi in PHPGurukul CMS 1.0 /admin/complaint-search.php
CVE-2024-12229
9.8 - Critical
- December 05, 2024
A vulnerability classified as critical was found in PHPGurukul Complaint Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/complaint-search.php. The manipulation of the argument search leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
PHPGurukul Complaint Management System 1.0 - SQLi in /admin/subcategory.php
CVE-2024-12230
9.8 - Critical
- December 05, 2024
A vulnerability, which was classified as critical, has been found in PHPGurukul Complaint Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/subcategory.php. The manipulation of the argument category leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
PHPGurukul Complaint Management System SQL Injection Vulnerability in User Search Function
CVE-2024-12228
9.8 - Critical
- December 05, 2024
A vulnerability classified as critical has been found in PHPGurukul Complaint Management System 1.0. Affected is an unknown function of the file /admin/user-search.php. The manipulation of the argument search leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
PHPGurukul Complaint Management System SQL Injection Vulnerability in Password Reset Functionality
CVE-2024-11967
9.8 - Critical
- November 28, 2024
A vulnerability was found in PHPGurukul Complaint Management system 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/reset-password.php. The manipulation of the argument email leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
PHPGurukul Complaint Management System SQL Injection Vulnerability in admin/index.php
CVE-2024-11966
9.8 - Critical
- November 28, 2024
A vulnerability was found in PHPGurukul Complaint Management system 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/index.php. The manipulation of the argument username leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
PHPGurukul Complaint Management System SQL Injection Vulnerability in User Index
CVE-2024-11964
9.8 - Critical
- November 28, 2024
A vulnerability, which was classified as critical, was found in PHPGurukul Complaint Management system 1.0. This affects an unknown part of the file /user/index.php. The manipulation of the argument emailid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
PHPGurukul Complaint Management System SQL Injection Vulnerability in Password Reset Functionality
CVE-2024-11965
9.8 - Critical
- November 28, 2024
A vulnerability has been found in PHPGurukul Complaint Management system 1.0 and classified as critical. This vulnerability affects unknown code of the file /user/reset-password.php. The manipulation of the argument email leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for PHPGurukul Complaint Management System or by PHPGurukul? Click the Watch button to subscribe.
