Vulnerabilities in PHPGurukul

706 results
Vexday analysis

Com 706 CVEs catalogadas e 19 novas entradas nos últimos 90 dias, o portfólio de vulnerabilidades em produtos PHPGurukul demonstra volume expressivo e ritmo contínuo de descoberta. A falha mais prevalente é CWE-89 (SQL Injection), o que é coerente com o perfil de aplicações PHP orientadas a banco de dados; o CVE mais perigoso atualmente ativo é CVE-2023-0562, com score EPSS de 0,4117 — valor relevante que indica probabilidade não negligenciável de exploração. Embora a taxa de exploração confirmada (0 entradas no CISA KEV) esteja abaixo da média geral do catálogo, a existência de 20 vulnerabilidades com PoC pública e 13 de severidade crítica representa superfície de ataque considerável para equipes que dependem dessas aplicações. A presença de código de prova de conceito disponível publicamente eleva o risco prático mesmo sem confirmação formal de exploração em larga escala, exigindo atenção prioritária na aplicação de patches e validação de entradas.

CVE-2026-5583MEDIUMPHPGurukul Online Shopping Portal Project Parameter my-profile.php sql injectionEPSS 0.2%CVE-2026-5635MEDIUMPHPGurukul Online Shopping Portal Project Parameter categorywise-products.php sql injectionEPSS 0.2%CVE-2026-5552MEDIUMPHPGurukul Online Shopping Portal Project Parameter sub-category.php sql injectionEPSS 0.2%CVE-2025-5976MEDIUMPHPGurukul Rail Pass Management System add-pass.php cross site scriptingEPSS 0.2%CVE-2025-5974MEDIUMPHPGurukul Restaurant Table Booking System check-status.php cross site scriptingEPSS 0.2%CVE-2026-6162MEDIUMPHPGurukul Company Visitor Management System bwdates-reports-details.php cross site scriptingEPSS 0.2%CVE-2025-7941MEDIUMPHPGurukul Time Table Generator System profile.php cross site scriptingEPSS 0.2%CVE-2025-5782MEDIUMPHPGurukul Employee Record Management System resetpassword.php sql injectionEPSS 0.2%CVE-2025-6288MEDIUMPHPGurukul Bus Pass Management System Profile Page admin-profile.php cross site scriptingEPSS 0.2%CVE-2024-8471MEDIUMSQL injection vulnerability in Job PortalEPSS 0.2%CVE-2026-0730MEDIUMPHPGurukul Staff Leave Management System SVG File adminviews.py UPDATE_STAFF cross site scriptingEPSS 0.2%CVE-2025-12303MEDIUMPHPGurukul Curfew e-Pass Management System admin-profile.php cross site scriptingEPSS 0.2%CVE-2025-12311MEDIUMPHPGurukul Curfew e-Pass Management System edit-category-detail.php cross site scriptingEPSS 0.2%CVE-2025-6125MEDIUMPHPGurukul Rail Pass Management System aboutus.php cross site scriptingEPSS 0.2%CVE-2025-7819MEDIUMPHPGurukul Apartment Visitors Management System HTTP POST Request create-pass.php cross site scriptingEPSS 0.2%CVE-2025-12312MEDIUMPHPGurukul Curfew e-Pass Management System view-pass-detail.php cross site scriptingEPSS 0.2%CVE-2025-7815MEDIUMPHPGurukul Apartment Visitors Management System HTTP POST Request manage-newvisitors.php cross site scriptingEPSS 0.2%CVE-2025-6287MEDIUMPHPGurukul COVID19 Testing Management System Take Action test-details.php cross site scriptingEPSS 0.2%CVE-2025-7857MEDIUMPHPGurukul Apartment Visitors Management System HTTP POST Request bwdates-passreports-details.php cross site scriptingEPSS 0.2%CVE-2025-7767MEDIUMPHPGurukul Art Gallery Management System edit-art-medium-detail.php cross site scriptingEPSS 0.2%