Phpgurukul

News Portal

20 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.7

CVE-2026-5840

Exploit
  • EPSS 0.03%
  • Veröffentlicht 09.04.2026 04:00:15
  • Zuletzt bearbeitet 13.04.2026 15:02:47

A security flaw has been discovered in PHPGurukul News Portal Project 4.1. Impacted is an unknown function of the file /admin/check_availability.php. Performing a manipulation of the argument Username results in sql injection. Remote exploitation of ...

4.7

CVE-2026-5839

Exploit
  • EPSS 0.03%
  • Veröffentlicht 09.04.2026 03:45:14
  • Zuletzt bearbeitet 13.04.2026 15:02:47

A vulnerability was identified in PHPGurukul News Portal Project 4.1. This issue affects some unknown processing of the file /admin/add-subcategory.php. Such manipulation of the argument sucatdescription leads to sql injection. The attack may be laun...

7.2

CVE-2026-1424

Exploit
  • EPSS 0.02%
  • Veröffentlicht 26.01.2026 07:02:07
  • Zuletzt bearbeitet 27.01.2026 19:47:22

A vulnerability was identified in PHPGurukul News Portal 1.0. This affects an unknown part of the component Profile Pic Handler. The manipulation leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit is publicly av...

6.5

CVE-2026-1142

Exploit
  • EPSS 0.06%
  • Veröffentlicht 19.01.2026 06:32:07
  • Zuletzt bearbeitet 27.01.2026 19:49:41

A security flaw has been discovered in PHPGurukul News Portal 1.0. The impacted element is an unknown function. Performing a manipulation results in cross-site request forgery. The attack may be initiated remotely. The exploit has been released to th...

8.8

CVE-2026-1141

Exploit
  • EPSS 0.08%
  • Veröffentlicht 19.01.2026 06:02:07
  • Zuletzt bearbeitet 23.02.2026 09:16:45

A vulnerability was identified in PHPGurukul News Portal 1.0. The affected element is an unknown function of the file /admin/add-subadmins.php of the component Add Sub-Admin Page. Such manipulation leads to improper authorization. The attack can be l...

9.8

CVE-2025-69992

Exploit
  • EPSS 0.09%
  • Veröffentlicht 13.01.2026 00:00:00
  • Zuletzt bearbeitet 16.01.2026 18:23:02

phpgurukul News Portal Project V4.1 has File Upload Vulnerability via upload.php, which enables the upload of files of any format to the server without identity authentication.

9.8

CVE-2025-69991

Exploit
  • EPSS 0.05%
  • Veröffentlicht 13.01.2026 00:00:00
  • Zuletzt bearbeitet 16.01.2026 18:23:13

phpgurukul News Portal Project V4.1 is vulnerable to SQL Injection in check_availablity.php.

9.1

CVE-2025-69990

Exploit
  • EPSS 0.12%
  • Veröffentlicht 13.01.2026 00:00:00
  • Zuletzt bearbeitet 16.01.2026 18:23:21

phpgurukul News Portal Project V4.1 has an Arbitrary File Deletion Vulnerability in remove_file.php. The parameter file can cause any file to be deleted.

5.9

CVE-2025-12616

Exploit
  • EPSS 0.03%
  • Veröffentlicht 03.11.2025 04:15:32
  • Zuletzt bearbeitet 24.02.2026 07:16:39

A vulnerability was detected in PHPGurukul News Portal 1.0. The impacted element is an unknown function of the file /onps/settings.py. Performing a manipulation results in insertion of sensitive information into debugging code. It is possible to init...

8.1

CVE-2025-12615

Exploit
  • EPSS 0.04%
  • Veröffentlicht 03.11.2025 03:32:06
  • Zuletzt bearbeitet 10.11.2025 16:18:36

A security vulnerability has been detected in PHPGurukul News Portal 1.0. The affected element is an unknown function of the file /onps/settings.py. Such manipulation of the argument SECRET_KEY leads to use of hard-coded cryptographic key . The atta...