PHPGurukul News Portal Project
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in PHPGurukul News Portal Project.
By the Year
In 2026 there have been 2 vulnerabilities in PHPGurukul News Portal Project with an average score of 9.8 out of ten. Last year, in 2025 News Portal Project had 6 security vulnerabilities published. If vulnerabilities keep coming in at the current rate, it appears that number of security vulnerabilities in News Portal Project in 2026 could surpass last years number. Interestingly, the average vulnerability score and the number of vulnerabilities for 2026 and last year was the same.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 2 | 9.80 |
| 2025 | 6 | 9.80 |
| 2024 | 2 | 9.30 |
It may take a day or so for new News Portal Project vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent PHPGurukul News Portal Project Security Vulnerabilities
File Upload Vulnerability in phpgurukul News Portal 4.1 via upload.php
CVE-2025-69992
9.8 - Critical
- January 13, 2026
phpgurukul News Portal Project V4.1 has File Upload Vulnerability via upload.php, which enables the upload of files of any format to the server without identity authentication.
Out-of-bounds Read
SQLi in phpgurukul News Portal v4.1 check_availablity.php
CVE-2025-69991
9.8 - Critical
- January 13, 2026
phpgurukul News Portal Project V4.1 is vulnerable to SQL Injection in check_availablity.php.
SQL Injection
PHPGurukul News Portal 4.1 sql Injection in /admin/forgot-password.php
CVE-2025-5370
9.8 - Critical
- May 31, 2025
A vulnerability classified as critical was found in PHPGurukul News Portal 4.1. Affected by this vulnerability is an unknown functionality of the file /admin/forgot-password.php. The manipulation of the argument Username leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
SQLi via emailid in /admin/edit-subadmin.php (PHPGurukul 4.1)
CVE-2025-5252
9.8 - Critical
- May 27, 2025
A vulnerability was found in PHPGurukul News Portal Project 4.1. It has been declared as critical. This vulnerability affects unknown code of the file /admin/edit-subadmin.php. The manipulation of the argument emailid leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
Critical SQLi in PHPGurukul News Portal 4.1 (/admin/edit-subcategory.php)
CVE-2025-5251
9.8 - Critical
- May 27, 2025
A vulnerability was found in PHPGurukul News Portal Project 4.1. It has been classified as critical. This affects an unknown part of the file /admin/edit-subcategory.php. The manipulation of the argument Category leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
PHPGurukul News Portal 4.1: SQLi via Category in /admin/edit-category.php
CVE-2025-5250
9.8 - Critical
- May 27, 2025
A vulnerability was found in PHPGurukul News Portal Project 4.1 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/edit-category.php. The manipulation of the argument Category leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
Critical SQLi in PHPGurukul News Portal 4.1 /admin/add-category.php
CVE-2025-5249
9.8 - Critical
- May 27, 2025
A vulnerability has been found in PHPGurukul News Portal Project 4.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/add-category.php. The manipulation of the argument Category leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
PHPGurukul NP 4.1 SQLi in admin/contactus.php pagetitle
CVE-2025-4874
9.8 - Critical
- May 18, 2025
A vulnerability was found in PHPGurukul News Portal Project 4.1 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/contactus.php. The manipulation of the argument pagetitle leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
SQLi in PHPGurukul's itsourcecode News Portal 4.1 via search.php
CVE-2024-3768
9.8 - Critical
- April 15, 2024
A vulnerability, which was classified as critical, has been found in PHPGurukul/itsourcecode News Portal 4.1. This issue affects some unknown processing of the file search.php. The manipulation of the argument searchtitle leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-260615.
SQL Injection
Critical SQLi in PHPGurukul News Portal 4.1 via /admin/edit-post.php
CVE-2024-3767
8.8 - High
- April 15, 2024
A vulnerability classified as critical was found in PHPGurukul News Portal 4.1. This vulnerability affects unknown code of the file /admin/edit-post.php. The manipulation of the argument posttitle/category leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for PHPGurukul News Portal Project or by PHPGurukul? Click the Watch button to subscribe.
