Nguyễn Phước Thịnh

6 exploits Active since Sep 2025
CVE-2025-57146 WRITEUP HIGH WRITEUP
Phpgurukul Complaint Management System - SQL Injection
phpgurukul Complaint Management System in PHP 2.0 is vulnerable to SQL Injection in user/reset-password.php via the mobileno parameter.
CVSS 8.1
CVE-2025-57147 WRITEUP HIGH WRITEUP
Phpgurukul Complaint Management System - SQL Injection
A SQL Injection vulnerability was found in phpgurukul Complaint Management System 2.0. The vulnerability is due to lack of input validation of multiple parameters including fullname, email, and contactno in user/registration.php.
CVSS 7.5
CVE-2025-57148 WRITEUP CRITICAL WRITEUP
Phpgurukul Online Shopping Portal - Unrestricted File Upload
phpgurukul Online Shopping Portal 2.0 is vulnerable to Arbitrary File Upload in /admin/insert-product.php, due to the lack of extension validation.
CVSS 9.1
CVE-2025-57149 WRITEUP MEDIUM WRITEUP
Phpgurukul Complaint Management System - SQL Injection
phpgurukul Complaint Management System 2.0 is vulnerable to SQL Injection in /complaint-details.php via the cid parameter.
CVSS 6.5
CVE-2025-57150 WRITEUP HIGH WRITEUP
Phpgurukul Complaint Management System - XSS
phpgurukul Complaint Management System in PHP 2.0 is vulnerable to Cross Site Scripting (XSS) in admin/subcategory.php via the categoryName parameter.
CVSS 7.2
CVE-2025-57151 WRITEUP HIGH WRITEUP
Phpgurukul Complaint Management System - XSS
phpgurukul Complaint Management System 2.0 is vulnerable to Cross Site Scripting (XSS) in admin/userprofile.php via the fullname parameter.
CVSS 8.8