Vulnerabilities in PHPGurukul

706 results
Vexday analysis

Com 706 CVEs catalogadas e 19 novas entradas nos últimos 90 dias, o portfólio de vulnerabilidades em produtos PHPGurukul demonstra volume expressivo e ritmo contínuo de descoberta. A falha mais prevalente é CWE-89 (SQL Injection), o que é coerente com o perfil de aplicações PHP orientadas a banco de dados; o CVE mais perigoso atualmente ativo é CVE-2023-0562, com score EPSS de 0,4117 — valor relevante que indica probabilidade não negligenciável de exploração. Embora a taxa de exploração confirmada (0 entradas no CISA KEV) esteja abaixo da média geral do catálogo, a existência de 20 vulnerabilidades com PoC pública e 13 de severidade crítica representa superfície de ataque considerável para equipes que dependem dessas aplicações. A presença de código de prova de conceito disponível publicamente eleva o risco prático mesmo sem confirmação formal de exploração em larga escala, exigindo atenção prioritária na aplicação de patches e validação de entradas.

CVE-2026-2179MEDIUMPHPGurukul Hospital Management System manage-users.php sql injectionEPSS 0.3%CVE-2025-6285MEDIUMPHPGurukul COVID19 Testing Management System search-report-result.php cross site scriptingEPSS 0.3%CVE-2025-7924MEDIUMPHPGurukul Online Banquet Booking System admin-profile.php cross site scriptingEPSS 0.3%CVE-2025-7926MEDIUMPHPGurukul Online Banquet Booking System booking-search.php cross site scriptingEPSS 0.3%CVE-2026-2134MEDIUMPHPGurukul Hospital Management System manage-doctors.php sql injectionEPSS 0.3%CVE-2025-11330MEDIUMPHPGurukul Beauty Parlour Management System sales-reports-detail.php sql injectionEPSS 0.3%CVE-2026-1141MEDIUMPHPGurukul News Portal Add Sub-Admin add-subadmins.php improper authorizationEPSS 0.3%CVE-2025-7817MEDIUMPHPGurukul Apartment Visitors Management System HTTP POST Request bwdates-reports.php cross site scriptingEPSS 0.3%CVE-2025-7856MEDIUMPHPGurukul Apartment Visitors Management System HTTP POST Request pass-details.php cross site scriptingEPSS 0.3%CVE-2025-6126MEDIUMPHPGurukul Rail Pass Management System contact.php cross site scriptingEPSS 0.3%CVE-2025-7818MEDIUMPHPGurukul Apartment Visitors Management System HTTP POST Request category.php cross site scriptingEPSS 0.3%CVE-2025-2645MEDIUMPHPGurukul Art Gallery Management System product.php cross site scriptingEPSS 0.3%CVE-2025-4242MEDIUMPHPGurukul Online Birth Certificate System between-dates-report.php sql injectionEPSS 0.3%CVE-2025-7816MEDIUMPHPGurukul Apartment Visitors Management System HTTP POST Request visitor-detail.php cross site scriptingEPSS 0.3%CVE-2025-5783MEDIUMPHPGurukul Employee Record Management System editmyexp.php sql injectionEPSS 0.3%CVE-2024-13018MEDIUMPHPGurukul Maid Hiring Management System profile.php cross site scriptingEPSS 0.3%CVE-2024-13015MEDIUMPHPGurukul Maid Hiring Management System search-booking-request.php cross site scriptingEPSS 0.3%CVE-2025-2650MEDIUMPHPGurukul Medical Card Generation System download-medical-cards.php cross site scriptingEPSS 0.3%CVE-2024-13080MEDIUMPHPGurukul Land Record System aboutus.php cross site scriptingEPSS 0.3%CVE-2024-13074MEDIUMPHPGurukul Land Record System index.php cross site scriptingEPSS 0.3%