Phpgurukul Art Gallery Management System vulnerabilities

CVE-2025-2642 [MEDIUM] CWE-74 CVE-2025-2642: A vulnerability, which was classified as critical, was found in PHPGurukul Art Gallery Management Sy A vulnerability, which was classified as critical, was found in PHPGurukul Art Gallery Management System 1.0. This affects an unknown part of the file /admin/edit-art-product-detail.php?editid=2. The manipulation of the argument editide/sprice/description leads to sql injection. It is possible to initiate the attack remotely. The exploit has been discl

CVE-2025-2647 [MEDIUM] CWE-74 CVE-2025-2647: A vulnerability was found in PHPGurukul Art Gallery Management System 1.0. It has been rated as crit A vulnerability was found in PHPGurukul Art Gallery Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /search.php. The manipulation of the argument Search leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

CVE-2025-2644 [MEDIUM] CWE-74 CVE-2025-2644: A vulnerability was found in PHPGurukul Art Gallery Management System 1.0 and classified as critical A vulnerability was found in PHPGurukul Art Gallery Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/add-art-product.php. The manipulation of the argument arttype leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

CVE-2025-2627 [MEDIUM] CWE-74 CVE-2025-2627: A vulnerability, which was classified as critical, has been found in PHPGurukul Art Gallery Manageme A vulnerability, which was classified as critical, has been found in PHPGurukul Art Gallery Management System 1.0. This issue affects some unknown processing of the file /admin/contactus.php. The manipulation of the argument pagetitle leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be u

CVE-2025-2628 [MEDIUM] CWE-74 CVE-2025-2628: A vulnerability, which was classified as critical, was found in PHPGurukul Art Gallery Management Sy A vulnerability, which was classified as critical, was found in PHPGurukul Art Gallery Management System 1.1. Affected is an unknown function of the file /art-enquiry.php. The manipulation of the argument eid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

CVE-2025-2047 [MEDIUM] CWE-79 CVE-2025-2047: A vulnerability was found in PHPGurukul Art Gallery Management System 1.0. It has been classified as A vulnerability was found in PHPGurukul Art Gallery Management System 1.0. It has been classified as problematic. This affects an unknown part of the file /search.php. The manipulation of the argument search leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

CVE-2023-51978 [MEDIUM] CWE-89 CVE-2023-51978: In PHPGurukul Art Gallery Management System v1.1, "Update Artist Image" functionality of "imageid" p In PHPGurukul Art Gallery Management System v1.1, "Update Artist Image" functionality of "imageid" parameter is vulnerable to SQL Injection.

CVE-2023-37771 [CRITICAL] CWE-89 CVE-2023-37771: Art Gallery Management System v1.0 contains a SQL injection vulnerability via the cid parameter at / Art Gallery Management System v1.0 contains a SQL injection vulnerability via the cid parameter at /agms/product.php.

CVE-2023-24726 [CRITICAL] CWE-89 CVE-2023-24726: Art Gallery Management System v1.0 was discovered to contain a SQL injection vulnerability via the v Art Gallery Management System v1.0 was discovered to contain a SQL injection vulnerability via the viewid parameter on the enquiry page.

CVE-2023-23155 [CRITICAL] CWE-89 CVE-2023-23155: Art Gallery Management System Project in PHP 1.0 was discovered to contain a SQL injection vulnerabi Art Gallery Management System Project in PHP 1.0 was discovered to contain a SQL injection vulnerability via the username parameter in the Admin Login.

CVE-2023-23156 [CRITICAL] CWE-89 CVE-2023-23156: Art Gallery Management System Project in PHP 1.0 was discovered to contain a SQL injection vulnerabi Art Gallery Management System Project in PHP 1.0 was discovered to contain a SQL injection vulnerability via the pid parameter in the single-product page.

CVE-2023-23157 [MEDIUM] CWE-79 CVE-2023-23157: A stored cross-site scripting (XSS) vulnerability in Art Gallery Management System Project v1.0 allo A stored cross-site scripting (XSS) vulnerability in Art Gallery Management System Project v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the fullname parameter on the enquiry page.

CVE-2023-23158 [MEDIUM] CWE-79 CVE-2023-23158: A stored cross-site scripting (XSS) vulnerability in Art Gallery Management System Project v1.0 allo A stored cross-site scripting (XSS) vulnerability in Art Gallery Management System Project v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the message parameter on the enquiry page.

CVE-2023-23162 [CRITICAL] CWE-89 CVE-2023-23162: Art Gallery Management System Project v1.0 was discovered to contain a SQL injection vulnerability v Art Gallery Management System Project v1.0 was discovered to contain a SQL injection vulnerability via the cid parameter at product.php.

CVE-2023-23163 [CRITICAL] CWE-89 CVE-2023-23163: Art Gallery Management System Project v1.0 was discovered to contain a SQL injection vulnerability v Art Gallery Management System Project v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter.

CVE-2023-23161 [MEDIUM] CWE-79 CVE-2023-23161: A reflected cross-site scripting (XSS) vulnerability in Art Gallery Management System Project v1.0 a A reflected cross-site scripting (XSS) vulnerability in Art Gallery Management System Project v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the artname parameter under ART TYPE option in the navigation bar.