Filtered by vendor Phpgurukul
Subscriptions
Filtered by product Online Birth Certificate System
Subscriptions
Total
7 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-4152 | 1 Phpgurukul | 1 Online Birth Certificate System | 2025-05-07 | 7.3 High |
| A vulnerability classified as critical has been found in PHPGurukul Online Birth Certificate System 1.0. Affected is an unknown function of the file /admin/bwdates-reports-details.php. The manipulation of the argument fromdate leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. | ||||
| CVE-2024-57175 | 1 Phpgurukul | 1 Online Birth Certificate System | 2025-03-28 | 5.4 Medium |
| A Stored Cross-Site Scripting (XSS) vulnerability was identified in the PHPGURUKUL Online Birth Certificate System v1.0 via the profile name to /user/certificate-form.php. | ||||
| CVE-2024-55059 | 1 Phpgurukul | 1 Online Birth Certificate System | 2025-03-27 | 6.1 Medium |
| A stored HTML Injection vulnerability was identified in PHPGurukul Online Birth Certificate System v1.0 in /user/certificate-form.php. | ||||
| CVE-2024-55058 | 1 Phpgurukul | 1 Online Birth Certificate System | 2025-03-27 | 4.3 Medium |
| An insecure direct object reference (IDOR) vulnerability was discovered in PHPGurukul Online Birth Certificate System v1.0. This vulnerability resides in the viewid parameter of /user/view-application-detail.php. Authenticated users can exploit this flaw by manipulating the viewid parameter in the URL to access sensitive birth certificate details of other users without proper authorization checks. | ||||
| CVE-2024-55057 | 1 Phpgurukul | 1 Online Birth Certificate System | 2025-03-27 | 5.4 Medium |
| Phpgurukul Online Birth Certificate System 1.0 suffers from insufficient password requirements which can lead to unauthorized access to user accounts. | ||||
| CVE-2024-55056 | 1 Phpgurukul | 1 Online Birth Certificate System | 2025-03-27 | 5.4 Medium |
| A stored cross-site scripting (XSS) vulnerability was identified in Phpgurukul Online Birth Certificate System 1.0 in /user/certificate-form.php via the full name field. | ||||
| CVE-2022-29005 | 1 Phpgurukul | 1 Online Birth Certificate System | 2024-11-21 | 6.1 Medium |
| Multiple cross-site scripting (XSS) vulnerabilities in the component /obcs/user/profile.php of Online Birth Certificate System v1.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the fname or lname parameters. | ||||
Page 1 of 1.