Phpgurukul

Medical Card Generation System

19 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2025-50370

  • EPSS 0.02%
  • Veröffentlicht 27.06.2025 00:00:00
  • Zuletzt bearbeitet 01.07.2025 18:13:30

A Cross-Site Request Forgery (CSRF) vulnerability exists in the Inquiry Management functionality /mcgs/admin/readenq.php of the Phpgurukul Medical Card Generation System 1.0. The vulnerable endpoint allows an authenticated admin to delete inquiry rec...

6.5

CVE-2025-50369

  • EPSS 0.02%
  • Veröffentlicht 27.06.2025 00:00:00
  • Zuletzt bearbeitet 01.07.2025 18:13:49

A Cross-Site Request Forgery (CSRF) vulnerability exists in the Manage Card functionality (/mcgs/admin/manage-card.php) of PHPGurukul Medical Card Generation System 1.0. The vulnerable endpoint allows an authorized admin to delete medical card record...

6.1

CVE-2025-50367

  • EPSS 0.03%
  • Veröffentlicht 27.06.2025 00:00:00
  • Zuletzt bearbeitet 01.07.2025 18:14:15

A stored blind XSS vulnerability exists in the Contact Page of the Phpgurukul Medical Card Generation System 1.0 mcgs/contact.php. The name field fails to properly sanitize user input, allowing an attacker to inject malicious JavaScript.

8.8

CVE-2025-5670

Exploit
  • EPSS 0.09%
  • Veröffentlicht 05.06.2025 17:15:30
  • Zuletzt bearbeitet 06.06.2025 19:40:14

A vulnerability, which was classified as critical, has been found in PHPGurukul Medical Card Generation System 1.0. This issue affects some unknown processing of the file /admin/manage-card.php. The manipulation of the argument ID leads to sql inject...

8.8

CVE-2025-5669

Exploit
  • EPSS 0.09%
  • Veröffentlicht 05.06.2025 16:31:10
  • Zuletzt bearbeitet 06.06.2025 19:39:31

A vulnerability classified as critical was found in PHPGurukul Medical Card Generation System 1.0. This vulnerability affects unknown code of the file /admin/unreadenq.php. The manipulation of the argument ID leads to sql injection. The attack can be...

8.8

CVE-2025-5668

Exploit
  • EPSS 0.09%
  • Veröffentlicht 05.06.2025 16:31:07
  • Zuletzt bearbeitet 06.06.2025 20:12:46

A vulnerability classified as critical has been found in PHPGurukul Medical Card Generation System 1.0. This affects an unknown part of the file /admin/readenq.php. The manipulation of the argument ID leads to sql injection. It is possible to initiat...

4.8

CVE-2024-51107

Exploit
  • EPSS 0.05%
  • Veröffentlicht 23.05.2025 00:00:00
  • Zuletzt bearbeitet 29.05.2025 16:15:39

Multiple stored cross-site scripting (XSS) vulnerabilities in the component /mcgs/admin/contactus.php of PHPGURUKUL Medical Card Generation System using PHP and MySQL v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a craf...

6.1

CVE-2024-51099

Exploit
  • EPSS 0.1%
  • Veröffentlicht 23.05.2025 00:00:00
  • Zuletzt bearbeitet 03.06.2025 15:47:00

A reflected cross-site scripting (XSS) vulnerability in the component mcgs/download-medical-cards.php of PHPGURUKUL Medical Card Generation System using PHP and MySQL v1.0 allows attackers to execute arbitrary code in the context of a user's browser ...

6.1

CVE-2024-48704

Exploit
  • EPSS 0.06%
  • Veröffentlicht 23.05.2025 00:00:00
  • Zuletzt bearbeitet 09.06.2025 19:00:51

Phpgurukul Medical Card Generation System v1.0 is vulnerable to HTML Injection in admin/contactus.php via the parameter pagedes.

5.4

CVE-2024-51108

Exploit
  • EPSS 0.05%
  • Veröffentlicht 23.05.2025 00:00:00
  • Zuletzt bearbeitet 29.05.2025 16:15:39

Multiple stored cross-site scripting (XSS) vulnerabilities in the component /admin/card-bwdates-report.php of PHPGURUKUL Medical Card Generation System using PHP and MySQL v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a...