Online Course Registration
Monthly
SQL injection in PHPGurukul Online Course Registration 3.1 allows remote unauthenticated attackers to manipulate the regno parameter in /admin/check_availability.php, enabling arbitrary database queries with potential for data exfiltration and modification. The vulnerability has a publicly available exploit and CVSS 6.9 score indicating moderate severity with confirmed data confidentiality and integrity impact.
Online Course Registration versions up to 3.1 is affected by cross-site request forgery (csrf) (CVSS 6.5).
Unrestricted file upload in PHPGurukul Online Course Registration versions up to 3.1 allows authenticated attackers to upload arbitrary files through the student profile photo parameter in /admin/edit-student-profile.php. Public exploit code exists for this vulnerability, and no patch is currently available. An attacker with login credentials can exploit this remotely to potentially execute malicious code or compromise the application.
A flaw has been found in PHPGurukul Online Course Registration up to 3.1. This affects an unknown function. [CVSS 6.3 MEDIUM]
A vulnerability was found in PHPGurukul Online Course Registration 3.1. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability has been found in PHPGurukul Online Course Registration 3.1. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability was detected in PHPGurukul Online Course Registration 3.1. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A flaw has been found in PHPGurukul Online Course Registration 3.1. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability was found in PHPGurukul Online Course Registration 3.1. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability was found in PHPGurukul Online Course Registration 3.1. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability was found in PHPGurukul Online Course Registration 3.1 and classified as critical. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability has been found in PHPGurukul Online Course Registration 3.1 and classified as critical. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability, which was classified as critical, was found in PHPGurukul Online Course Registration 3.1. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
SQL injection in PHPGurukul Online Course Registration 3.1 allows remote unauthenticated attackers to manipulate the regno parameter in /admin/check_availability.php, enabling arbitrary database queries with potential for data exfiltration and modification. The vulnerability has a publicly available exploit and CVSS 6.9 score indicating moderate severity with confirmed data confidentiality and integrity impact.
Online Course Registration versions up to 3.1 is affected by cross-site request forgery (csrf) (CVSS 6.5).
Unrestricted file upload in PHPGurukul Online Course Registration versions up to 3.1 allows authenticated attackers to upload arbitrary files through the student profile photo parameter in /admin/edit-student-profile.php. Public exploit code exists for this vulnerability, and no patch is currently available. An attacker with login credentials can exploit this remotely to potentially execute malicious code or compromise the application.
A flaw has been found in PHPGurukul Online Course Registration up to 3.1. This affects an unknown function. [CVSS 6.3 MEDIUM]
A vulnerability was found in PHPGurukul Online Course Registration 3.1. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability has been found in PHPGurukul Online Course Registration 3.1. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability was detected in PHPGurukul Online Course Registration 3.1. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A flaw has been found in PHPGurukul Online Course Registration 3.1. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability was found in PHPGurukul Online Course Registration 3.1. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability was found in PHPGurukul Online Course Registration 3.1. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability was found in PHPGurukul Online Course Registration 3.1 and classified as critical. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability has been found in PHPGurukul Online Course Registration 3.1 and classified as critical. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability, which was classified as critical, was found in PHPGurukul Online Course Registration 3.1. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.