Phpgurukul Vehicle Record Management System vulnerabilities
6 known vulnerabilities affecting phpgurukul/vehicle_record_management_system.
Total CVEs
6
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
MEDIUM6
Vulnerabilities
Page 1 of 1
CVE-2024-51223MEDIUMCVSS 4.8v1.02026-03-23
CVE-2024-51223 [MEDIUM] CWE-79 CVE-2024-51223: A stored cross-site scripting (XSS) vulnerability in the component /admin/profile.php of Phpgurukul
A stored cross-site scripting (XSS) vulnerability in the component /admin/profile.php of Phpgurukul Vehicle Record Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Mobile Number parameter.
nvd
CVE-2024-51222MEDIUMCVSS 4.8v1.02026-03-23
CVE-2024-51222 [MEDIUM] CWE-79 CVE-2024-51222: A stored cross-site scripting (XSS) vulnerability in the component /admin/profile.php of Phpgurukul
A stored cross-site scripting (XSS) vulnerability in the component /admin/profile.php of Phpgurukul Vehicle Record Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name parameter.
nvd
CVE-2024-51226MEDIUMCVSS 6.1v1.02026-03-23
CVE-2024-51226 [MEDIUM] CWE-79 CVE-2024-51226: A stored cross-site scripting (XSS) vulnerability in the component /admin/search-vehicle.php of Phpg
A stored cross-site scripting (XSS) vulnerability in the component /admin/search-vehicle.php of Phpgurukul Vehicle Record Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Search parameter.
nvd
CVE-2024-51225MEDIUMCVSS 4.8v1.02026-03-23
CVE-2024-51225 [MEDIUM] CWE-79 CVE-2024-51225: A stored cross-site scripting (XSS) vulnerability in the component /admin/add-brand.php of Phpguruku
A stored cross-site scripting (XSS) vulnerability in the component /admin/add-brand.php of Phpgurukul Vehicle Record Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the brandname parameter.
nvd
CVE-2024-51224MEDIUMCVSS 4.8v1.02026-03-23
CVE-2024-51224 [MEDIUM] CWE-79 CVE-2024-51224: Multiple cross-site scripting (XSS) vulnerabilities in the component /admin/edit-vehicle.php of Phpg
Multiple cross-site scripting (XSS) vulnerabilities in the component /admin/edit-vehicle.php of Phpgurukul Vehicle Record Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the vehiclename, modelnumber, regnumber, vehiclesubtype, chasisnum and enginenumber parameters.
nvd
CVE-2025-5913MEDIUMCVSS 6.9v1.02025-06-10
CVE-2025-5913 [MEDIUM] CWE-74 CVE-2025-5913: A vulnerability was found in PHPGurukul Vehicle Record Management System 1.0. It has been rated as c
A vulnerability was found in PHPGurukul Vehicle Record Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/search-vehicle.php. The manipulation of the argument searchinputdata leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may
cvelistv5nvd