Phpgurukul Online Birth Certificate System vulnerabilities

CVE-2025-5373 [MEDIUM] CWE-74 CVE-2025-5373: A vulnerability has been found in PHPGurukul Online Birth Certificate System 2.0 and classified as c A vulnerability has been found in PHPGurukul Online Birth Certificate System 2.0 and classified as critical. This vulnerability affects unknown code of the file /admin/users-applications.php. The manipulation of the argument userid leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used

CVE-2025-5374 [MEDIUM] CWE-74 CVE-2025-5374: A vulnerability was found in PHPGurukul Online Birth Certificate System 2.0 and classified as critic A vulnerability was found in PHPGurukul Online Birth Certificate System 2.0 and classified as critical. This issue affects some unknown processing of the file /admin/all-applications.php. The manipulation of the argument del leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

CVE-2025-5375 [MEDIUM] CWE-74 CVE-2025-5375: A vulnerability was found in PHPGurukul HPGurukul Online Birth Certificate System 2.0. It has been c A vulnerability was found in PHPGurukul HPGurukul Online Birth Certificate System 2.0. It has been classified as critical. Affected is an unknown function of the file /admin/registered-users.php. The manipulation of the argument del leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and ma

CVE-2025-4242 [MEDIUM] CWE-74 CVE-2025-4242: A vulnerability classified as critical was found in PHPGurukul Online Birth Certificate System 2.0. A vulnerability classified as critical was found in PHPGurukul Online Birth Certificate System 2.0. Affected by this vulnerability is an unknown functionality of the file /admin/between-dates-report.php. The manipulation of the argument fromdate leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and

CVE-2025-4213 [MEDIUM] CWE-74 CVE-2025-4213: A vulnerability has been found in PHPGurukul Online Birth Certificate System 1.0 and classified as c A vulnerability has been found in PHPGurukul Online Birth Certificate System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/search.php. The manipulation of the argument searchdata leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

CVE-2025-4152 [MEDIUM] CWE-74 CVE-2025-4152: A vulnerability classified as critical has been found in PHPGurukul Online Birth Certificate System A vulnerability classified as critical has been found in PHPGurukul Online Birth Certificate System 1.0. Affected is an unknown function of the file /admin/bwdates-reports-details.php. The manipulation of the argument fromdate leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be us

CVE-2024-57175 [MEDIUM] CWE-79 CVE-2024-57175: A Stored Cross-Site Scripting (XSS) vulnerability was identified in the PHPGURUKUL Online Birth Cert A Stored Cross-Site Scripting (XSS) vulnerability was identified in the PHPGURUKUL Online Birth Certificate System v1.0 via the profile name to /user/certificate-form.php.

CVE-2024-55058 [MEDIUM] CWE-706 CVE-2024-55058: An insecure direct object reference (IDOR) vulnerability was discovered in PHPGurukul Online Birth C An insecure direct object reference (IDOR) vulnerability was discovered in PHPGurukul Online Birth Certificate System v1.0. This vulnerability resides in the viewid parameter of /user/view-application-detail.php. Authenticated users can exploit this flaw by manipulating the viewid parameter in the URL to access sensitive birth certificate details of

CVE-2024-55059 [MEDIUM] CWE-79 CVE-2024-55059: A stored HTML Injection vulnerability was identified in PHPGurukul Online Birth Certificate System v A stored HTML Injection vulnerability was identified in PHPGurukul Online Birth Certificate System v1.0 in /user/certificate-form.php.

CVE-2024-55057 [MEDIUM] CWE-916 CVE-2024-55057: Phpgurukul Online Birth Certificate System 1.0 suffers from insufficient password requirements which Phpgurukul Online Birth Certificate System 1.0 suffers from insufficient password requirements which can lead to unauthorized access to user accounts.

CVE-2024-55056 [MEDIUM] CWE-79 CVE-2024-55056: A stored cross-site scripting (XSS) vulnerability was identified in Phpgurukul Online Birth Certific A stored cross-site scripting (XSS) vulnerability was identified in Phpgurukul Online Birth Certificate System 1.0 in /user/certificate-form.php via the full name field.

CVE-2022-29005 [MEDIUM] CWE-79 CVE-2022-29005: Multiple cross-site scripting (XSS) vulnerabilities in the component /obcs/user/profile.php of Onlin Multiple cross-site scripting (XSS) vulnerabilities in the component /obcs/user/profile.php of Online Birth Certificate System v1.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the fname or lname parameters.