PHPGurukul Directory Management System
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in PHPGurukul Directory Management System.
By the Year
In 2026 there have been 1 vulnerability in PHPGurukul Directory Management System with an average score of 7.3 out of ten. Last year, in 2025 Directory Management System had 8 security vulnerabilities published. Right now, Directory Management System is on track to have less security vulnerabilities in 2026 than it did last year. Last year, the average CVE base score was greater by 1.54
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 1 | 7.30 |
| 2025 | 8 | 8.84 |
| 2024 | 3 | 6.47 |
| 2023 | 0 | 0.00 |
| 2022 | 4 | 9.80 |
It may take a day or so for new Directory Management System vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent PHPGurukul Directory Management System Security Vulnerabilities
SQLi via Searchdata in PHPGurukul DirMS 1.0 index.php
CVE-2026-1160
7.3 - High
- January 19, 2026
A security vulnerability has been detected in PHPGurukul Directory Management System 1.0. Impacted is an unknown function of the file /index.php of the component Search. The manipulation of the argument searchdata leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used.
SQL Injection
PHPGurukul DMS 2.0 Remote SQLi via adminname (admin-profile.php) – Critical
CVE-2025-6333
8.8 - High
- June 20, 2025
A vulnerability, which was classified as critical, was found in PHPGurukul Directory Management System 2.0. This affects an unknown part of the file /admin/admin-profile.php. The manipulation of the argument adminname leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
PHPGurukul DMS 2.0: SQLi via del param in /admin/manage-directory.php
CVE-2025-6332
8.8 - High
- June 20, 2025
A vulnerability, which was classified as critical, has been found in PHPGurukul Directory Management System 2.0. Affected by this issue is some unknown functionality of the file /admin/manage-directory.php. The manipulation of the argument del leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
PHPGurukul DSM 1.0 SQLi via admin/search-dir.php searchdata
CVE-2025-6331
8.8 - High
- June 20, 2025
A vulnerability classified as critical was found in PHPGurukul Directory Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/search-directory.php. The manipulation of the argument searchdata leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
PHPGurukul DMS 1.0 SQLi via /searchdata.php (searchdata arg)
CVE-2025-6330
9.8 - Critical
- June 20, 2025
A vulnerability classified as critical has been found in PHPGurukul Directory Management System 1.0. Affected is an unknown function of the file /searchdata.php. The manipulation of the argument searchdata leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
PHPGurukul Directory Management System 2.0 XSS via /searchdata.php
CVE-2025-4862
6.1 - Medium
- May 18, 2025
A vulnerability, which was classified as problematic, has been found in PHPGurukul Directory Management System 2.0. Affected by this issue is some unknown functionality of the file /searchdata.php. The manipulation of the argument searchdata leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
XSS
PHPGurukul DMS 2.0 - SQLi in /admin/forget-password.php
CVE-2025-4698
9.8 - Critical
- May 15, 2025
A vulnerability classified as critical has been found in PHPGurukul Directory Management System 2.0. This affects an unknown part of the file /admin/forget-password.php. The manipulation of the argument email leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
Critical SQLi via editid in PHPGurukul Dir ManSys 2.0 (/admin/edit-directory.php)
CVE-2025-4697
9.8 - Critical
- May 15, 2025
A vulnerability was found in PHPGurukul Directory Management System 2.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/edit-directory.php. The manipulation of the argument editid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
SQLi in PHPGurukul DirMngmt v2.0 admin/edit-directory.php via POST email
CVE-2025-45021
- April 30, 2025
A SQL Injection vulnerability was identified in the admin/edit-directory.php file of the PHPGurukul Directory Management System v2.0. Attackers can exploit this vulnerability via the email parameter in a POST request to execute arbitrary SQL commands.
PHPGurukul Directory Management Sys 1.0 XSS in Searchbar (admin-profile.php)
CVE-2024-5137
4.8 - Medium
- May 20, 2024
A vulnerability classified as problematic was found in PHPGurukul Directory Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/admin-profile.php of the component Searchbar. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-265213 was assigned to this vulnerability.
XSS
PHPGurukul Directory Mgmt 1.0: Remote XSS via /admin/search-directory.php
CVE-2024-5136
4.8 - Medium
- May 20, 2024
A vulnerability classified as problematic has been found in PHPGurukul Directory Management System 1.0. Affected is an unknown function of the file /admin/search-directory.php.. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-265212.
XSS
PHPGurukul 1.0: SQLi via /admin/index.php username (critical)
CVE-2024-5135
9.8 - Critical
- May 20, 2024
A vulnerability was found in PHPGurukul Directory Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/index.php. The manipulation of the argument username leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-265211.
SQL Injection
Directory Management System v1.0 was discovered to contain a SQL injection vulnerability
CVE-2022-31384
9.8 - Critical
- June 16, 2022
Directory Management System v1.0 was discovered to contain a SQL injection vulnerability via the fullname parameter in add-directory.php.
SQL Injection
Directory Management System v1.0 was discovered to contain a SQL injection vulnerability
CVE-2022-31383
9.8 - Critical
- June 16, 2022
Directory Management System v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in view-directory.php.
SQL Injection
Directory Management System v1.0 was discovered to contain a SQL injection vulnerability
CVE-2022-31382
9.8 - Critical
- June 16, 2022
Directory Management System v1.0 was discovered to contain a SQL injection vulnerability via the searchdata parameter in search-dirctory.php.
SQL Injection
Multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel of Directory Management System v1.0
CVE-2022-29006
9.8 - Critical
- May 11, 2022
Multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel of Directory Management System v1.0 allows attackers to bypass authentication.
SQL Injection
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for PHPGurukul Directory Management System or by PHPGurukul? Click the Watch button to subscribe.
