PHPGurukul Online Shopping Portal Project
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in PHPGurukul Online Shopping Portal Project.
By the Year
In 2026 there have been 10 vulnerabilities in PHPGurukul Online Shopping Portal Project with an average score of 6.3 out of ten. Last year, in 2025 Online Shopping Portal Project had 1 security vulnerability published. That is, 9 more vulnerabilities have already been reported in 2026 as compared to last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 10 | 6.30 |
| 2025 | 1 | 0.00 |
It may take a day or so for new Online Shopping Portal Project vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent PHPGurukul Online Shopping Portal Project Security Vulnerabilities
PHPGurukul OS P2.1 SQLi via /admin/update-image1.php Parameter Handler
CVE-2026-5641
6.3 - Medium
- April 06, 2026
A vulnerability was found in PHPGurukul Online Shopping Portal Project 2.1. The impacted element is an unknown function of the file /admin/update-image1.php of the component Parameter Handler. The manipulation of the argument filename results in sql injection. The attack may be performed from remote. The exploit has been made public and could be used.
SQL Injection
SQLi in PHPGurukul 2.1 (admin/update-image2.php) via filename
CVE-2026-5640
6.3 - Medium
- April 06, 2026
A vulnerability has been found in PHPGurukul Online Shopping Portal Project 2.1. The affected element is an unknown function of the file /admin/update-image2.php of the component Parameter Handler. The manipulation of the argument filename leads to sql injection. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
SQL Injection in PHPGurukul 2.1 (admin/update-image3.php)
CVE-2026-5639
6.3 - Medium
- April 06, 2026
A flaw has been found in PHPGurukul Online Shopping Portal Project 2.1. Impacted is an unknown function of the file /admin/update-image3.php of the component Parameter Handler. Executing a manipulation of the argument filename can lead to sql injection. The attack can be executed remotely. The exploit has been published and may be used.
SQL Injection
PHPGurukul 2.1: SQLi in cancelorder.php via Parameter Handler oid
CVE-2026-5636
6.3 - Medium
- April 06, 2026
A weakness has been identified in PHPGurukul Online Shopping Portal Project 2.1. This affects an unknown part of the file /cancelorder.php of the component Parameter Handler. This manipulation of the argument oid causes sql injection. The attack may be initiated remotely. The exploit has been made available to the public and could be used for attacks.
SQL Injection
PHPGurukul 2.1 SQL Injection in /categorywise-products.php (cid)
CVE-2026-5635
6.3 - Medium
- April 06, 2026
A security flaw has been discovered in PHPGurukul Online Shopping Portal Project 2.1. Affected by this issue is some unknown functionality of the file /categorywise-products.php of the component Parameter Handler. The manipulation of the argument cid results in sql injection. The attack can be launched remotely. The exploit has been released to the public and may be used for attacks.
SQL Injection
PHPGurukul Online Shopping Portal 2.1 SQLi via /order-details.php Param Hdlr
CVE-2026-5606
6.3 - Medium
- April 06, 2026
A security flaw has been discovered in PHPGurukul Online Shopping Portal Project 2.1. The affected element is an unknown function of the file /order-details.php of the component Parameter Handler. The manipulation of the argument orderid results in sql injection. It is possible to launch the attack remotely.
SQL Injection
SQLi in PHPGurukul OSP 2.1 Parameter Handler via fullname (remote)
CVE-2026-5583
6.3 - Medium
- April 05, 2026
A security vulnerability has been detected in PHPGurukul Online Shopping Portal Project 2.1. This affects an unknown part of the file /my-profile.php of the component Parameter Handler. The manipulation of the argument fullname leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be used.
SQL Injection
SQLi in PHPGurukul OSS Portal 2.1 - /payment-method.php Parameter Handler
CVE-2026-5560
6.3 - Medium
- April 05, 2026
A vulnerability was found in PHPGurukul Online Shopping Portal Project 2.1. The impacted element is an unknown function of the file /payment-method.php of the component Parameter Handler. Performing a manipulation of the argument paymethod results in sql injection. It is possible to initiate the attack remotely. The exploit has been made public and could be used.
SQL Injection
SQLi in PHPGurukul Shop Portal 2.1: /pending-orders.php
CVE-2026-5558
6.3 - Medium
- April 05, 2026
A flaw has been found in PHPGurukul PHPGurukul Online Shopping Portal Project up to 2.1. Impacted is an unknown function of the file /pending-orders.php of the component Parameter Handler. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely. The exploit has been published and may be used.
SQL Injection
PHPGurukul 2.1 SQLi in Parameter Handler via pid in /sub-category.php
CVE-2026-5552
6.3 - Medium
- April 05, 2026
A weakness has been identified in PHPGurukul Online Shopping Portal Project 2.1. This issue affects some unknown processing of the file /sub-category.php of the component Parameter Handler. This manipulation of the argument pid causes sql injection. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be used for attacks.
SQL Injection
SQL Injection in PHPGurukul Online Shopping Portal v2.1 track-orders.php
CVE-2025-26156
- February 14, 2025
A SQL Injection vulnerability was found in /shopping/track-orders.php in PHPGurukul Online Shopping Portal v2.1, which allows remote attackers to execute arbitrary code via orderid POST request parameter.
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for PHPGurukul Online Shopping Portal Project or by PHPGurukul? Click the Watch button to subscribe.
