Phpgurukul

News Portal

18 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.2

CVE-2026-1424

Exploit
  • EPSS 0.02%
  • Veröffentlicht 26.01.2026 07:02:07
  • Zuletzt bearbeitet 27.01.2026 19:47:22

A vulnerability was identified in PHPGurukul News Portal 1.0. This affects an unknown part of the component Profile Pic Handler. The manipulation leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit is publicly av...

6.5

CVE-2026-1142

Exploit
  • EPSS 0.06%
  • Veröffentlicht 19.01.2026 06:32:07
  • Zuletzt bearbeitet 27.01.2026 19:49:41

A security flaw has been discovered in PHPGurukul News Portal 1.0. The impacted element is an unknown function. Performing a manipulation results in cross-site request forgery. The attack may be initiated remotely. The exploit has been released to th...

8.8

CVE-2026-1141

Exploit
  • EPSS 0.07%
  • Veröffentlicht 19.01.2026 06:02:07
  • Zuletzt bearbeitet 23.02.2026 09:16:45

A vulnerability was identified in PHPGurukul News Portal 1.0. The affected element is an unknown function of the file /admin/add-subadmins.php of the component Add Sub-Admin Page. Such manipulation leads to improper authorization. The attack can be l...

9.8

CVE-2025-69992

Exploit
  • EPSS 0.09%
  • Veröffentlicht 13.01.2026 00:00:00
  • Zuletzt bearbeitet 16.01.2026 18:23:02

phpgurukul News Portal Project V4.1 has File Upload Vulnerability via upload.php, which enables the upload of files of any format to the server without identity authentication.

9.8

CVE-2025-69991

Exploit
  • EPSS 0.05%
  • Veröffentlicht 13.01.2026 00:00:00
  • Zuletzt bearbeitet 16.01.2026 18:23:13

phpgurukul News Portal Project V4.1 is vulnerable to SQL Injection in check_availablity.php.

9.1

CVE-2025-69990

Exploit
  • EPSS 0.12%
  • Veröffentlicht 13.01.2026 00:00:00
  • Zuletzt bearbeitet 16.01.2026 18:23:21

phpgurukul News Portal Project V4.1 has an Arbitrary File Deletion Vulnerability in remove_file.php. The parameter file can cause any file to be deleted.

5.9

CVE-2025-12616

Exploit
  • EPSS 0.05%
  • Veröffentlicht 03.11.2025 04:15:32
  • Zuletzt bearbeitet 24.02.2026 07:16:39

A vulnerability was detected in PHPGurukul News Portal 1.0. The impacted element is an unknown function of the file /onps/settings.py. Performing a manipulation results in insertion of sensitive information into debugging code. It is possible to init...

8.1

CVE-2025-12615

Exploit
  • EPSS 0.05%
  • Veröffentlicht 03.11.2025 03:32:06
  • Zuletzt bearbeitet 10.11.2025 16:18:36

A security vulnerability has been detected in PHPGurukul News Portal 1.0. The affected element is an unknown function of the file /onps/settings.py. Such manipulation of the argument SECRET_KEY leads to use of hard-coded cryptographic key . The atta...

9.8

CVE-2025-5370

Exploit
  • EPSS 0.07%
  • Veröffentlicht 31.05.2025 05:31:05
  • Zuletzt bearbeitet 09.06.2025 18:59:58

A vulnerability classified as critical was found in PHPGurukul News Portal 4.1. Affected by this vulnerability is an unknown functionality of the file /admin/forgot-password.php. The manipulation of the argument Username leads to sql injection. The a...

9.8

CVE-2025-5252

Exploit
  • EPSS 0.06%
  • Veröffentlicht 27.05.2025 17:31:05
  • Zuletzt bearbeitet 09.06.2025 18:51:06

A vulnerability was found in PHPGurukul News Portal Project 4.1. It has been declared as critical. This vulnerability affects unknown code of the file /admin/edit-subadmin.php. The manipulation of the argument emailid leads to sql injection. The atta...