Notice Board System
Monthly
Critical SQL injection vulnerability in PHPGurukul Notice Board System 1.0 affecting the /forgot-password.php endpoint via the email parameter. An unauthenticated remote attacker can exploit this with low complexity to execute arbitrary SQL queries, potentially compromising confidentiality, integrity, and availability of the underlying database. The vulnerability has been publicly disclosed with exploit code available, increasing real-world exploitation risk.
A vulnerability has been found in PHPGurukul Notice Board System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin-profile.php. The manipulation of the argument mobilenumber leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
A vulnerability classified as critical has been found in PHPGurukul Notice Board System 1.0. This affects an unknown part of the file /search-notice.php. The manipulation of the argument searchdata leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
A vulnerability was found in PHPGurukul Notice Board System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability, which was classified as critical, has been found in PHPGurukul Notice Board System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability, which was classified as critical, has been found in PHPGurukul Notice Board System 1.0.php. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Critical SQL injection vulnerability in PHPGurukul Notice Board System 1.0 affecting the /forgot-password.php endpoint via the email parameter. An unauthenticated remote attacker can exploit this with low complexity to execute arbitrary SQL queries, potentially compromising confidentiality, integrity, and availability of the underlying database. The vulnerability has been publicly disclosed with exploit code available, increasing real-world exploitation risk.
A vulnerability has been found in PHPGurukul Notice Board System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin-profile.php. The manipulation of the argument mobilenumber leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
A vulnerability classified as critical has been found in PHPGurukul Notice Board System 1.0. This affects an unknown part of the file /search-notice.php. The manipulation of the argument searchdata leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
A vulnerability was found in PHPGurukul Notice Board System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability, which was classified as critical, has been found in PHPGurukul Notice Board System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability, which was classified as critical, has been found in PHPGurukul Notice Board System 1.0.php. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.