Anujk305 Vehicle Record Management System vulnerabilities

6 known vulnerabilities affecting anujk305/vehicle_record_management_system.

Total CVEs
6
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM5

Vulnerabilities

Page 1 of 1
CVE-2025-5913MEDIUMCVSS 6.9v1.02025-06-10
CVE-2025-5913 [MEDIUM] CWE-74 CVE-2025-5913: A vulnerability was found in PHPGurukul Vehicle Record Management System 1.0. It has been rated as c A vulnerability was found in PHPGurukul Vehicle Record Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/search-vehicle.php. The manipulation of the argument searchinputdata leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may
nvd
CVE-2025-44180MEDIUMCVSS 6.1v1.02025-05-15
CVE-2025-44180 [MEDIUM] CWE-79 CVE-2025-44180: Phpgurukul Vehicle Record Management System v1.0 is vulnerable to Cross Site Scripting (XSS) in /edi Phpgurukul Vehicle Record Management System v1.0 is vulnerable to Cross Site Scripting (XSS) in /edit-brand.php?bid={brandId}.
nvd
CVE-2025-44182MEDIUMCVSS 6.1v1.02025-05-15
CVE-2025-44182 [MEDIUM] CWE-79 CVE-2025-44182: Phpgurukul Vehicle Record Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via the Phpgurukul Vehicle Record Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via the vehiclename, modelnumber, regnumber, vehiclesubtype, chasisnum, enginenumber' in the /admin/edit-vehicle.php component. This allows attackers to execute arbitrary code.
nvd
CVE-2025-44181MEDIUMCVSS 6.1v1.02025-05-15
CVE-2025-44181 [MEDIUM] CWE-79 CVE-2025-44181: Phpgurukul Vehicle Record Management System v1.0 is vulnerable to Cross Site Scripting (XSS) in /adm Phpgurukul Vehicle Record Management System v1.0 is vulnerable to Cross Site Scripting (XSS) in /admin/add-brand.php via the brandname parameter.
nvd
CVE-2025-44183MEDIUMCVSS 6.1v1.02025-05-15
CVE-2025-44183 [MEDIUM] CWE-79 CVE-2025-44183: Phpgurukul Vehicle Record Management System v1.0 is vulnerable to Cross Site Scripting (XSS) in /adm Phpgurukul Vehicle Record Management System v1.0 is vulnerable to Cross Site Scripting (XSS) in /admin/profile.php via the name, email, and mobile parameters.
nvd
CVE-2025-29641HIGHCVSS 7.3v1.02025-03-21
CVE-2025-29641 [HIGH] CWE-89 CVE-2025-29641: Phpgurukul Vehicle Record Management System v1.0 is vulnerable to SQL Injection in /index.php via th Phpgurukul Vehicle Record Management System v1.0 is vulnerable to SQL Injection in /index.php via the 'searchinputdata' parameter.
nvd