Phpgurukul News Portal Project vulnerabilities

CVE-2026-5840 [MEDIUM] CWE-74 CVE-2026-5840: A security flaw has been discovered in PHPGurukul News Portal Project 4.1. Impacted is an unknown fu A security flaw has been discovered in PHPGurukul News Portal Project 4.1. Impacted is an unknown function of the file /admin/check_availability.php. Performing a manipulation of the argument Username results in sql injection. Remote exploitation of the attack is possible. The exploit has been released to the public and may be used for attacks.

CVE-2026-5839 [MEDIUM] CWE-74 CVE-2026-5839: A vulnerability was identified in PHPGurukul News Portal Project 4.1. This issue affects some unknow A vulnerability was identified in PHPGurukul News Portal Project 4.1. This issue affects some unknown processing of the file /admin/add-subcategory.php. Such manipulation of the argument sucatdescription leads to sql injection. The attack may be launched remotely. The exploit is publicly available and might be used.

CVE-2026-5837 [MEDIUM] CWE-74 CVE-2026-5837: A vulnerability was found in PHPGurukul News Portal Project 4.1. This affects an unknown part of the A vulnerability was found in PHPGurukul News Portal Project 4.1. This affects an unknown part of the file /news-details.php. The manipulation of the argument Comment results in sql injection. The attack can be launched remotely. The exploit has been made public and could be used.

CVE-2026-5838 [MEDIUM] CWE-74 CVE-2026-5838: A vulnerability was determined in PHPGurukul News Portal Project 4.1. This vulnerability affects unk A vulnerability was determined in PHPGurukul News Portal Project 4.1. This vulnerability affects unknown code of the file /admin/add-subadmins.php. This manipulation of the argument sadminusername causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized.

CVE-2025-5370 [MEDIUM] CWE-74 CVE-2025-5370: A vulnerability classified as critical was found in PHPGurukul News Portal 4.1. Affected by this vul A vulnerability classified as critical was found in PHPGurukul News Portal 4.1. Affected by this vulnerability is an unknown functionality of the file /admin/forgot-password.php. The manipulation of the argument Username leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

CVE-2025-5249 [MEDIUM] CWE-74 CVE-2025-5249: A vulnerability has been found in PHPGurukul News Portal Project 4.1 and classified as critical. Aff A vulnerability has been found in PHPGurukul News Portal Project 4.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/add-category.php. The manipulation of the argument Category leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be us

CVE-2025-5252 [MEDIUM] CWE-74 CVE-2025-5252: A vulnerability was found in PHPGurukul News Portal Project 4.1. It has been declared as critical. T A vulnerability was found in PHPGurukul News Portal Project 4.1. It has been declared as critical. This vulnerability affects unknown code of the file /admin/edit-subadmin.php. The manipulation of the argument emailid leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

CVE-2025-5251 [MEDIUM] CWE-74 CVE-2025-5251: A vulnerability was found in PHPGurukul News Portal Project 4.1. It has been classified as critical. A vulnerability was found in PHPGurukul News Portal Project 4.1. It has been classified as critical. This affects an unknown part of the file /admin/edit-subcategory.php. The manipulation of the argument Category leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

CVE-2025-5250 [MEDIUM] CWE-74 CVE-2025-5250: A vulnerability was found in PHPGurukul News Portal Project 4.1 and classified as critical. Affected A vulnerability was found in PHPGurukul News Portal Project 4.1 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/edit-category.php. The manipulation of the argument Category leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

CVE-2025-4874 [MEDIUM] CWE-74 CVE-2025-4874: A vulnerability was found in PHPGurukul News Portal Project 4.1 and classified as critical. Affected A vulnerability was found in PHPGurukul News Portal Project 4.1 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/contactus.php. The manipulation of the argument pagetitle leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

CVE-2024-3768 [MEDIUM] CWE-89 CVE-2024-3768: A vulnerability, which was classified as critical, has been found in PHPGurukul/itsourcecode News Po A vulnerability, which was classified as critical, has been found in PHPGurukul/itsourcecode News Portal 4.1. This issue affects some unknown processing of the file search.php. The manipulation of the argument searchtitle leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The asso

CVE-2024-3767 [MEDIUM] CWE-74 CVE-2024-3767: A vulnerability classified as critical was found in PHPGurukul News Portal 4.1. This vulnerability a A vulnerability classified as critical was found in PHPGurukul News Portal 4.1. This vulnerability affects unknown code of the file /admin/edit-post.php. The manipulation of the argument posttitle/category leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.