Phpgurukul Security Vulnerabilities (CVEs)
Track 477 security vulnerabilities affecting Phpgurukul products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
This IDOR vulnerability in PHPGurukul Hospital Management System allows authenticated users to access other patients' confidential medical records by ...
Feb 18, 2026CVE-2024-55270 is an SQL injection vulnerability in phpgurukul Student Management System 1.0 that allows attackers to execute arbitrary SQL commands t...
Feb 17, 2026A Cross-Site Request Forgery (CSRF) vulnerability in phpgurukul Gym Management System 1.0 allows attackers to trick authenticated users into performin...
Feb 17, 2026This CVE describes a SQL injection vulnerability in PHPGurukul Hospital Management System 4.0, specifically in the /hms/admin/manage-doctors.php file ...
Feb 8, 2026CVE-2026-1550 is an improper authorization vulnerability in PHPGurukul Hospital Management System 1.0 that allows attackers to bypass access controls ...
Jan 28, 2026CVE-2026-1424 is an unrestricted file upload vulnerability in PHPGurukul News Portal 1.0's Profile Pic Handler component. This allows remote attackers...
Jan 26, 2026CVE-2025-70899 is a Cross-Site Request Forgery vulnerability in PHPgurukul Online Course Registration v3.1 that allows attackers to perform unauthoriz...
Jan 22, 2026CVE-2026-1160 is a SQL injection vulnerability in PHPGurukul Directory Management System 1.0 that allows remote attackers to execute arbitrary SQL com...
Jan 19, 2026CVE-2025-70892 is a critical SQL injection vulnerability in Phpgurukul Cyber Cafe Management System v1.0 that allows attackers to execute arbitrary SQ...
Jan 15, 2026A time-based blind SQL injection vulnerability in PHPGurukul Cyber Cafe Management System v1.0 allows authenticated attackers to execute arbitrary SQL...
Jan 15, 2026A stored XSS vulnerability in Cyber Cafe Management System v1.0 allows authenticated attackers to inject malicious JavaScript into username fields. Th...
Jan 15, 2026A stored cross-site scripting vulnerability in Phpgurukul Cyber Cafe Management System v1.0 allows authenticated attackers to inject malicious JavaScr...
Jan 15, 2026This CVE describes a SQL injection vulnerability in PHPGurukul Online Course Registration System that allows attackers to manipulate database queries ...
Jan 9, 2026This stored cross-site scripting (XSS) vulnerability in phpgurukul Hostel Management System v2.1 allows attackers to inject malicious scripts into com...
Jan 8, 2026This vulnerability allows remote attackers to upload arbitrary files via the photo parameter in the student registration page of PHPGurukul Online Cou...
Jan 2, 2026This vulnerability in PHPGurukul Small CRM 4.0 allows unauthorized access to the edit-user.php admin function, enabling attackers to modify user accou...
Dec 31, 2025CVE-2025-65380 is an SQL injection vulnerability in PHPGurukul Billing System 1.0 that allows attackers to manipulate database queries through the adm...
Dec 2, 2025PHPGurukul Billing System 1.0 contains a SQL injection vulnerability in the password recovery functionality. Attackers can inject malicious SQL querie...
Dec 2, 2025This vulnerability allows attackers to inject malicious scripts into the Hostel Management System's complaint registration page. Anyone using PHPGuruk...
Nov 24, 2025A CSRF vulnerability in PHPGurukul Student Record System v3.2 allows attackers to trick authenticated administrators into executing unauthorized accou...
Nov 18, 2025PHPGurukul Online Shopping Portal 2.0 contains a SQL injection vulnerability in the forgot-password.php page's email parameter. This allows attackers ...
Nov 17, 2025PHPGurukul Online Shopping Portal 2.0 contains a cross-site scripting vulnerability in the quantity parameter of my-cart.php. This allows attackers to...
Nov 17, 2025PHPGurukul Online Shopping Portal 2.0 contains a SQL injection vulnerability in product-details.php that allows attackers to manipulate database queri...
Nov 17, 2025PHPGurukul Online Shopping Portal 2.0 contains SQL injection vulnerabilities in the login.php page through the fullname, emailid, and contactno parame...
Nov 17, 2025PHPGurukul Online Shopping Portal 2.0 contains a SQL injection vulnerability in the admin login page's username parameter. This allows attackers to ex...
Nov 17, 2025PHPGurukul Online Shopping Portal 2.0 contains a SQL injection vulnerability in the product parameter of search-result.php. This allows attackers to e...
Nov 17, 2025PHPGurukul Complaint Management System 2.0 contains a cross-site scripting (XSS) vulnerability in the fromdate and todate parameters of between-date-u...
Nov 17, 2025This vulnerability allows attackers to execute arbitrary SQL commands through the email and mobileno parameters in reset-password.php. It affects PHPG...
Nov 17, 2025PHPGurukul Complaint Management System 2.0 contains a cross-site scripting vulnerability in the search parameter of user-search.php. This allows attac...
Nov 17, 2025PHPGurukul Complaint Management System 2.0 contains a SQL injection vulnerability in the subcategory.php file, allowing attackers to manipulate databa...
Nov 17, 2025PHPGurukul Complaint Management System 2.0 contains a SQL injection vulnerability in the between-date-userreport.php file. Attackers can exploit the f...
Nov 17, 2025PHPGurukul Small CRM 3.0 contains a stored cross-site scripting vulnerability in the ticket management system. Attackers can inject malicious scripts ...
Nov 17, 2025PHPGurukul Small CRM 3.0 contains SQL injection vulnerabilities in the quote-details.php file via id and adminremark parameters. This allows attackers...
Nov 17, 2025PHPGurukul Small CRM 3.0 contains a SQL injection vulnerability in the change-password.php file via the oldpass parameter. This allows attackers to ex...
Nov 17, 2025PHPGurukul Small CRM 3.0 contains a SQL injection vulnerability in the manage-tickets.php file through the frm_id and aremark parameters. This allows ...
Nov 17, 2025This SQL injection vulnerability in PHPGurukul Tourism Management System 1.0 allows attackers to manipulate database queries through the uid parameter...
Nov 16, 2025This SQL injection vulnerability in PHPGurukul Student Record System 3.20 allows attackers to manipulate database queries through the adminname and ae...
Nov 14, 2025PHPGurukul Student Record System 3.20 contains SQL injection vulnerabilities in the add-subject.php file through multiple parameters (sub1, sub2, sub3...
Nov 14, 2025CVE-2024-44640 is an SQL injection vulnerability in PHPGurukul Student Record System that allows attackers to manipulate database queries through cour...
Nov 14, 2025This SQL injection vulnerability in PHPGurukul Student Record Management System allows attackers to manipulate database queries through the login page...
Nov 14, 2025This CVE describes SQL injection vulnerabilities in multiple parameters of the register.php file in PHPGurukul Student Record System 3.20. Attackers c...
Nov 14, 2025PHPGurukul Student Record System 3.20 contains SQL injection vulnerabilities in the password recovery functionality. Attackers can manipulate the id a...
Nov 14, 2025This vulnerability allows attackers to execute arbitrary SQL commands via the currentpassword parameter in change-password.php. It affects PHPGurukul ...
Nov 14, 2025This vulnerability allows attackers to inject malicious scripts into the PHPGurukul Student Record System admin profile page. When exploited, it can l...
Nov 14, 2025CVE-2025-50363 is a stored cross-site scripting (XSS) vulnerability in Phpgurukul Maid Hiring Management System 1.0 that allows attackers to inject ma...
Nov 3, 2025PHPGurukul News Portal 1.0 contains a hard-coded cryptographic key in its settings.py file, allowing attackers to potentially decrypt sensitive data o...
Nov 3, 2025This vulnerability in PHPGurukul News Portal 1.0 allows remote attackers to extract sensitive information through debug mode exposure. The attack inse...
Nov 3, 2025Bank Locker Management System by PHPGurukul contains a reflected Cross-Site Scripting vulnerability in the /search parameter that allows attackers to ...
Oct 21, 2025This SQL injection vulnerability in PHPGurukul Beauty Parlour Management System 1.1 allows remote attackers to execute arbitrary SQL commands through ...
Oct 8, 2025This vulnerability allows remote attackers to execute SQL injection attacks via the 'delid' parameter in the /admin/new-appointment.php file of PHPGur...
Oct 8, 2025Why Monitor Phpgurukul Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 477+ known vulnerabilities affecting Phpgurukul products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Phpgurukul packages in under 60 seconds. No agents required - completely agentless scanning that works across Phpgurukul deployments.
Free vulnerability database: Access detailed information about every Phpgurukul CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.
🚀 Get Started in 60 Seconds
- Register free account & add your servers
- Run one-time scan or schedule automatic monitoring (every 1-24 hours)
- Receive instant alerts when new Phpgurukul CVEs affect your systems
- Access dashboard with severity breakdown & fix instructions
