Phpgurukul Online Shopping Portal
By the Year
In 2023 there have been 3 vulnerabilities in Phpgurukul Online Shopping Portal with an average score of 8.9 out of ten. Last year Online Shopping Portal had 1 security vulnerability published. That is, 2 more vulnerabilities have already been reported in 2023 as compared to last year. Last year, the average CVE base score was greater by 0.90
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2023 | 3 | 8.90 |
| 2022 | 1 | 9.80 |
| 2021 | 1 | 7.50 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Online Shopping Portal vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Phpgurukul Online Shopping Portal Security Vulnerabilities
Online Shopping Portal Project 3.1
CVE-2023-38890
8.8 - High
- August 18, 2023
Online Shopping Portal Project 3.1 allows remote attackers to execute arbitrary SQL commands/queries via the login form, leading to unauthorized access and potential data manipulation. This vulnerability arises due to insufficient validation of user-supplied input in the username field, enabling SQL Injection attacks.
SQL Injection
Online Shopping Portal Project v3.1 was discovered to contain a SQL injection vulnerability
CVE-2023-37772
8.8 - High
- August 01, 2023
Online Shopping Portal Project v3.1 was discovered to contain a SQL injection vulnerability via the Email parameter at /shopping/login.php.
SQL Injection
A vulnerability was found in PHPGurukul Online Shopping Portal 1.0
CVE-2023-3605
9.1 - Critical
- July 10, 2023
A vulnerability was found in PHPGurukul Online Shopping Portal 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Registration Page. The manipulation leads to improper restriction of excessive authentication attempts. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-233467.
Improper Restriction of Excessive Authentication Attempts
Online Shopping Portal v3.1 was discovered to contain multiple time-based SQL injection vulnerabilities
CVE-2021-46110
9.8 - Critical
- February 18, 2022
Online Shopping Portal v3.1 was discovered to contain multiple time-based SQL injection vulnerabilities via the email and contactno parameters.
SQL Injection
An SQL Injection vulneraility exists in https://phpgurukul.com Online Shopping Portal 3.1 via the email parameter on the /check_availability.php endpoint
CVE-2021-37807
7.5 - High
- October 27, 2021
An SQL Injection vulneraility exists in https://phpgurukul.com Online Shopping Portal 3.1 via the email parameter on the /check_availability.php endpoint that serves as a checker whether a new user's email is already exist within the database.
SQL Injection
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Phpgurukul Online Shopping Portal or by Phpgurukul? Click the Watch button to subscribe.
