cbcvebase.

Phpgurukul User Registration Login And User Management System vulnerabilities

25 known vulnerabilities affecting phpgurukul/user_registration_login_and_user_management_system.

Total CVEs
25
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL8HIGH7MEDIUM10

Vulnerabilities

Page 1 of 2
CVE-2020-25952P2CRITICALCVSS 9.8v2.12020-11-16
CVE-2020-25952 [CRITICAL] CWE-89 CVE-2020-25952: SQL injection vulnerability in PHPGurukul User Registration & Login and User Management System With SQL injection vulnerability in PHPGurukul User Registration & Login and User Management System With admin panel 2.1 allows remote attackers to execute arbitrary SQL commands and bypass authentication.
nvd
CVE-2025-7542P3CRITICALCVSS 9.8v3.32025-07-13
CVE-2025-7542 [CRITICAL] CWE-74 CVE-2025-7542: A vulnerability was found in PHPGurukul User Registration & Login and User Management System 3.3 and A vulnerability was found in PHPGurukul User Registration & Login and User Management System 3.3 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/user-profile.php. The manipulation of the argument uid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the p
nvd
CVE-2025-2050P3CRITICALCVSS 9.8v3.32025-03-07
CVE-2025-2050 [CRITICAL] CWE-74 CVE-2025-2050: A vulnerability classified as critical was found in PHPGurukul User Registration & Login and User Ma A vulnerability classified as critical was found in PHPGurukul User Registration & Login and User Management System 3.3. Affected by this vulnerability is an unknown functionality of the file /login.php. The manipulation of the argument email leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and
nvd
CVE-2024-11818P3CRITICALCVSS 9.8v1.02024-11-27
CVE-2024-11818 [CRITICAL] CWE-74 CVE-2024-11818: A vulnerability classified as critical has been found in PHPGurukul User Registration & Login and Us A vulnerability classified as critical has been found in PHPGurukul User Registration & Login and User Management System 1.0. This affects an unknown part of the file /signup.php. The manipulation of the argument email leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be use
nvd
CVE-2025-45949P3CRITICALCVSS 9.8v3.32025-04-28
CVE-2025-45949 [CRITICAL] CWE-384 CVE-2025-45949: A critical vulnerability was found in PHPGurukul User Registration & Login and User Management Syste A critical vulnerability was found in PHPGurukul User Registration & Login and User Management System V3.3 in the /loginsystem/change-password.php file of the user panel - Change Password component. Improper handling of session data allows a Session Hijacking attack, exploitable remotely and leading to account takeover.
nvd
CVE-2025-4934P3CRITICALCVSS 9.8v3.32025-05-19
CVE-2025-4934 [CRITICAL] CWE-74 CVE-2025-4934: A vulnerability has been found in PHPGurukul User Registration & Login and User Management System 3. A vulnerability has been found in PHPGurukul User Registration & Login and User Management System 3.3 and classified as critical. This vulnerability affects unknown code of the file /edit-profile.php. The manipulation of the argument Contact leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and
nvd
CVE-2025-7543P3HIGHCVSS 8.8v3.32025-07-13
CVE-2025-7543 [HIGH] CWE-74 CVE-2025-7543: A vulnerability was found in PHPGurukul User Registration & Login and User Management System 3.3. It A vulnerability was found in PHPGurukul User Registration & Login and User Management System 3.3. It has been classified as critical. This affects an unknown part of the file /admin/manage-users.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and
nvd
CVE-2024-11817P3CRITICALCVSS 9.8v1.02024-11-26
CVE-2024-11817 [CRITICAL] CWE-74 CVE-2024-11817: A vulnerability was found in PHPGurukul User Registration & Login and User Management System 1.0. It A vulnerability was found in PHPGurukul User Registration & Login and User Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/index.php. The manipulation of the argument username leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to t
nvd
CVE-2024-48279P3HIGHCVSS 7.6v3.22024-10-15
CVE-2024-48279 [HIGH] CWE-94 CVE-2024-48279: A HTML Injection vulnerability was found in /search-result.php of PHPGurukul User Registration & Log A HTML Injection vulnerability was found in /search-result.php of PHPGurukul User Registration & Login and User Management System 3.2. This vulnerability allows remote attackers to execute arbitrary HTML code via the searchkey parameter in a POST HTTP request.
nvd
CVE-2024-48280P3HIGHCVSS 7.6v3.22024-10-15
CVE-2024-48280 [HIGH] CWE-89 CVE-2024-48280: A SQL Injection vulnerability was found in /search-result.php of PHPGurukul User Registration & Logi A SQL Injection vulnerability was found in /search-result.php of PHPGurukul User Registration & Login and User Management System 3.2, which allows remote attackers to execute arbitrary SQL command via the fromdate parameter in a POST HTTP request.
nvd
CVE-2024-48282P3HIGHCVSS 7.6v3.22024-10-15
CVE-2024-48282 [HIGH] CWE-89 CVE-2024-48282: A SQL Injection vulnerability was found in /password-recovery.php of PHPGurukul User Registration & A SQL Injection vulnerability was found in /password-recovery.php of PHPGurukul User Registration & Login and User Management System 3.2, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database access via the femail parameter in a POST HTTP request.
nvd
CVE-2024-48283P3CRITICALCVSS 9.8v3.22024-10-15
CVE-2024-48283 [CRITICAL] CWE-89 CVE-2024-48283: Phpgurukul User Registration & Login and User Management System 3.2 is vulnerable to SQL Injection i Phpgurukul User Registration & Login and User Management System 3.2 is vulnerable to SQL Injection in /admin//search-result.php via the searchkey parameter.
nvd
CVE-2025-8156P3HIGHCVSS 7.2v3.32025-07-25
CVE-2025-8156 [HIGH] CWE-74 CVE-2025-8156: A vulnerability was found in PHPGurukul User Registration & Login and User Management 3.3 and classi A vulnerability was found in PHPGurukul User Registration & Login and User Management 3.3 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/lastsevendays-reg-users.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the pu
nvd
CVE-2025-8157P3HIGHCVSS 7.2v3.32025-07-25
CVE-2025-8157 [HIGH] CWE-74 CVE-2025-8157: A vulnerability was found in PHPGurukul User Registration & Login and User Management 3.3. It has be A vulnerability was found in PHPGurukul User Registration & Login and User Management 3.3. It has been classified as critical. This affects an unknown part of the file /admin/lastthirtyays-reg-users.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public
nvd
CVE-2025-8158P3HIGHCVSS 7.2v3.32025-07-25
CVE-2025-8158 [HIGH] CWE-74 CVE-2025-8158: A vulnerability was found in PHPGurukul Login and User Management System 3.3. It has been declared a A vulnerability was found in PHPGurukul Login and User Management System 3.3. It has been declared as critical. This vulnerability affects unknown code of the file /admin/yesterday-reg-users.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
nvd
CVE-2026-5543P3MEDIUMCVSS 6.3v3.32026-04-05
CVE-2026-5543 [MEDIUM] CWE-74 CVE-2026-5543: A vulnerability was identified in PHPGurukul User Registration & Login and User Management System 3. A vulnerability was identified in PHPGurukul User Registration & Login and User Management System 3.3. The affected element is an unknown function of the file /admin/yesterday-reg-users.php. The manipulation of the argument ID leads to sql injection. Remote exploitation of the attack is possible. The exploit is publicly available and might be used.
nvd
CVE-2024-28323P4MEDIUMCVSS 6.5v3.12024-03-14
CVE-2024-28323 [MEDIUM] CWE-89 CVE-2024-28323: The bwdates-report-result.php file in Phpgurukul User Registration & Login and User Management Syste The bwdates-report-result.php file in Phpgurukul User Registration & Login and User Management System 3.1 contains a potential security vulnerability related to user input validation. The script retrieves user-provided date inputs without proper validation, making it susceptible to SQL injection attacks.
nvd
CVE-2025-28011P3MEDIUMCVSS 6.1v3.32025-03-13
CVE-2025-28011 [MEDIUM] CWE-89 CVE-2025-28011: A SQL Injection was found in loginsystem/change-password.php in PHPGurukul User Registration & Login A SQL Injection was found in loginsystem/change-password.php in PHPGurukul User Registration & Login and User Management System v3.3 allows remote attackers to execute arbitrary code via the currentpassword POST request parameter.
nvd
CVE-2024-50843P4MEDIUMCVSS 5.3v3.22024-11-14
CVE-2024-50843 [MEDIUM] CWE-22 CVE-2024-50843: A Directory listing issue was found in PHPGurukul User Registration & Login and User Management Syst A Directory listing issue was found in PHPGurukul User Registration & Login and User Management System 3.2, which allows remote attackers attacker to access sensitive files and directories via /loginsystem/assets.
nvd
CVE-2025-28015P4MEDIUMCVSS 5.3v3.32025-03-13
CVE-2025-28015 [MEDIUM] CWE-80 CVE-2025-28015: A HTML Injection vulnerability was found in loginsystem/edit-profile.php of the PHPGurukul User Regi A HTML Injection vulnerability was found in loginsystem/edit-profile.php of the PHPGurukul User Registration & Login and User Management System V3.3. This vulnerability allows remote attackers to execute arbitrary HTML code via the fname, lname, and contact parameters.
nvd
Phpgurukul User Registration Login And User Management System vulnerabilities | cvebase