Directory Management System
Monthly
SQL injection in itsourcecode Directory Management System 1.0 allows unauthenticated remote attackers to manipulate the email parameter in /admin/forget-password.php and execute arbitrary database queries. Public exploit code exists for this vulnerability and no patch is currently available. An attacker can leverage this to extract sensitive data or modify database contents with minimal complexity.
SQL injection in itsourcecode Directory Management System 1.0 allows unauthenticated remote attackers to manipulate the Username parameter in /admin/index.php and execute arbitrary SQL commands. Public exploit code exists for this vulnerability, and no patch is currently available. The attack requires no user interaction and can compromise data confidentiality, integrity, and availability.
PHPGurukul Directory Management System 1.0 contains a SQL injection vulnerability in the search functionality of /index.php that allows unauthenticated remote attackers to manipulate the searchdata parameter and execute arbitrary database queries. Public exploit code is available for this vulnerability, and no patch is currently available. The vulnerability impacts confidentiality, integrity, and availability with a CVSS score of 7.3.
A security vulnerability has been detected in PHPGurukul Directory Management System 2.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability, which was classified as critical, was found in PHPGurukul Directory Management System 2.0. This affects an unknown part of the file /admin/admin-profile.php. The manipulation of the argument adminname leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
A vulnerability, which was classified as critical, has been found in PHPGurukul Directory Management System 2.0. Affected by this issue is some unknown functionality of the file /admin/manage-directory.php. The manipulation of the argument del leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
A vulnerability classified as critical was found in PHPGurukul Directory Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/search-directory.php. The manipulation of the argument searchdata leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-6330 is a critical SQL injection vulnerability in PHPGurukul Directory Management System version 1.0, specifically in the /searchdata.php file's 'searchdata' parameter. An unauthenticated remote attacker can inject arbitrary SQL commands to compromise confidentiality, integrity, and availability of the underlying database. Public disclosure and proof-of-concept exploitation have occurred, making this an immediately actionable threat despite the moderate CVSS 7.3 score.
A vulnerability, which was classified as problematic, has been found in PHPGurukul Directory Management System 2.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability classified as critical has been found in PHPGurukul Directory Management System 2.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability was found in PHPGurukul Directory Management System 2.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A SQL Injection vulnerability was identified in the admin/edit-directory.php file of the PHPGurukul Directory Management System v2.0. Rated medium severity (CVSS 5.3), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
SQL injection in itsourcecode Directory Management System 1.0 allows unauthenticated remote attackers to manipulate the email parameter in /admin/forget-password.php and execute arbitrary database queries. Public exploit code exists for this vulnerability and no patch is currently available. An attacker can leverage this to extract sensitive data or modify database contents with minimal complexity.
SQL injection in itsourcecode Directory Management System 1.0 allows unauthenticated remote attackers to manipulate the Username parameter in /admin/index.php and execute arbitrary SQL commands. Public exploit code exists for this vulnerability, and no patch is currently available. The attack requires no user interaction and can compromise data confidentiality, integrity, and availability.
PHPGurukul Directory Management System 1.0 contains a SQL injection vulnerability in the search functionality of /index.php that allows unauthenticated remote attackers to manipulate the searchdata parameter and execute arbitrary database queries. Public exploit code is available for this vulnerability, and no patch is currently available. The vulnerability impacts confidentiality, integrity, and availability with a CVSS score of 7.3.
A security vulnerability has been detected in PHPGurukul Directory Management System 2.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability, which was classified as critical, was found in PHPGurukul Directory Management System 2.0. This affects an unknown part of the file /admin/admin-profile.php. The manipulation of the argument adminname leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
A vulnerability, which was classified as critical, has been found in PHPGurukul Directory Management System 2.0. Affected by this issue is some unknown functionality of the file /admin/manage-directory.php. The manipulation of the argument del leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
A vulnerability classified as critical was found in PHPGurukul Directory Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/search-directory.php. The manipulation of the argument searchdata leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-6330 is a critical SQL injection vulnerability in PHPGurukul Directory Management System version 1.0, specifically in the /searchdata.php file's 'searchdata' parameter. An unauthenticated remote attacker can inject arbitrary SQL commands to compromise confidentiality, integrity, and availability of the underlying database. Public disclosure and proof-of-concept exploitation have occurred, making this an immediately actionable threat despite the moderate CVSS 7.3 score.
A vulnerability, which was classified as problematic, has been found in PHPGurukul Directory Management System 2.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability classified as critical has been found in PHPGurukul Directory Management System 2.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability was found in PHPGurukul Directory Management System 2.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A SQL Injection vulnerability was identified in the admin/edit-directory.php file of the PHPGurukul Directory Management System v2.0. Rated medium severity (CVSS 5.3), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.