PHPGurukul Restaurant Table Booking System

PHPGurukul 1.0 XSS via searchdata in /check-status.php
CVE-2025-5974 5.4 - Medium - June 10, 2025

A vulnerability, which was classified as problematic, has been found in PHPGurukul Restaurant Table Booking System 1.0. Affected by this issue is some unknown functionality of the file /check-status.php. The manipulation of the argument searchdata leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

XSS

PHPGurukul Restaurant Table Booking 1.0: XSS fullname
CVE-2025-5972 5.4 - Medium - June 10, 2025

A vulnerability classified as problematic has been found in PHPGurukul Restaurant Table Booking System 1.0. Affected is an unknown function of the file /admin/manage-subadmins.php. The manipulation of the argument fullname leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.

XSS

XSS in PHPGurukul Restaurant Table Booking System 1.0 /admin/add-table.php
CVE-2025-5973 5.4 - Medium - June 10, 2025

A vulnerability classified as problematic was found in PHPGurukul Restaurant Table Booking System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/add-table.php. The manipulation of the argument tableno leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

XSS

PHPGurukul Resto Booking 1.0 XSS /admin/add-subadmin.php
CVE-2025-5970 5.4 - Medium - June 10, 2025

A vulnerability was found in PHPGurukul Restaurant Table Booking System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /admin/add-subadmin.php. The manipulation of the argument fullname leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.

XSS

SQLi in PHPGURUKUL RTBS v1.0 searchdata param
CVE-2024-51101 9.8 - Critical - May 23, 2025

PHPGURUKUL Restaurant Table Booking System using PHP and MySQL v1.0 was discovered to contain a SQL injection vulnerability via the searchdata parameter at /rtbs/check-status.php.

SQL Injection

PHPGurukul RTBS 1.0: SQLi via fullname in /edit-subadmin.php (critical)
CVE-2025-3229 7.2 - High - April 04, 2025

A vulnerability was found in PHPGurukul Restaurant Table Booking System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /edit-subadmin.php. The manipulation of the argument fullname leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.

SQL Injection

Critical SQLi in PHPGurukul RTBS 1.0 via /admin/add-subadmin.php
CVE-2025-3215 8.8 - High - April 04, 2025

A vulnerability was found in PHPGurukul Restaurant Table Booking System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/add-subadmin.php. The manipulation of the argument fullname leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.

SQL Injection

PHPGurukul Restaurant Table Booking System 1.0 SQLi via /admin/password-recovery.php
CVE-2025-1952 9.8 - Critical - March 04, 2025

A vulnerability, which was classified as critical, was found in PHPGurukul Restaurant Table Booking System 1.0. Affected is an unknown function of the file /admin/password-recovery.php. The manipulation of the argument username/mobileno leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

PHPGurukul TBS 1.0 SQLi via mobilenumber in /admin/profile.php
CVE-2025-1906 9.8 - Critical - March 04, 2025

A vulnerability has been found in PHPGurukul Restaurant Table Booking System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/profile.php. The manipulation of the argument mobilenumber leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.

SQL Injection

Critical SQLi via tableno in PHPGurukul RTBS 1.0 /add-table.php
CVE-2025-1900 9.8 - Critical - March 04, 2025

A vulnerability was found in PHPGurukul Restaurant Table Booking System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /add-table.php. The manipulation of the argument tableno leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

Critical SQLi via username in /admin/check_availability.php (PHPGurukul 1.0)
CVE-2025-1901 9.8 - Critical - March 04, 2025

A vulnerability was found in PHPGurukul Restaurant Table Booking System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/check_availability.php. The manipulation of the argument username leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

SQLi in PHPGurukul 1.0's /search-result.php via searchdata
CVE-2025-1894 9.8 - Critical - March 04, 2025

A vulnerability was found in PHPGurukul Restaurant Table Booking System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /search-result.php. The manipulation of the argument searchdata leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

SQLi in PHPGurukul RBS 1.0 /admin/bwdates-report-details.php
CVE-2023-7100 9.8 - Critical - December 25, 2023

A vulnerability, which was classified as critical, was found in PHPGurukul Restaurant Table Booking System 1.0. Affected is an unknown function of the file /admin/bwdates-report-details.php. The manipulation of the argument fdate/tdate leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

SQL Injection in Restaurant Table Booking System V1.0 Admin (index.php)
CVE-2023-48016 7.5 - High - December 01, 2023

Restaurant Table Booking System V1.0 is vulnerable to SQL Injection in rtbs/admin/index.php via the username parameter.

SQL Injection

PHPGurukul 1.0 Booking info disclosure via bid param in Reservation Handler
CVE-2023-6076 7.5 - High - November 10, 2023

A vulnerability classified as problematic was found in PHPGurukul Restaurant Table Booking System 1.0. Affected by this vulnerability is an unknown functionality of the file booking-details.php of the component Reservation Status Handler. The manipulation of the argument bid leads to information disclosure. The attack can be launched remotely. The identifier VDB-244945 was assigned to this vulnerability.

SQL Injection in PHPGurukul Restaurant Table Booking Sys 1.0 (check-status.php)
CVE-2023-6074 9.8 - Critical - November 10, 2023

A vulnerability was found in PHPGurukul Restaurant Table Booking System 1.0. It has been rated as critical. This issue affects some unknown processing of the file check-status.php of the component Booking Reservation Handler. The manipulation leads to sql injection. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-244943.

SQL Injection

XSS in PHPGurukul Restaurant Table Booking Sys 1.0 Reservation Handler
CVE-2023-6075 6.1 - Medium - November 10, 2023

A vulnerability classified as problematic has been found in PHPGurukul Restaurant Table Booking System 1.0. Affected is an unknown function of the file index.php of the component Reservation Request Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-244944.

XSS