Ravi Sharma

4 exploits Active since Dec 2025
CVE-2025-15390 WRITEUP MEDIUM WRITEUP
PHPGurukul Small CRM < 4.0 - Missing Authorization in /admin/edit-user.php
A security flaw has been discovered in PHPGurukul Small CRM 4.0. This impacts an unknown function of the file /admin/edit-user.php. The manipulation results in missing authorization. It is possible to launch the attack remotely. The exploit has been released to the public and may be used for attacks.
CVSS 6.3
CVE-2026-0730 WRITEUP LOW WRITEUP
PHPGurukul Staff Leave Management System 1.0 - Cross-Site Scripting via Profile Pic Argument
A flaw has been found in PHPGurukul Staff Leave Management System 1.0. The affected element is the function ADD_STAFF/UPDATE_STAFF of the file /staffleave/slms/slms/adminviews.py of the component SVG File Handler. Executing a manipulation of the argument profile_pic can lead to cross site scripting. The attack can be executed remotely. The exploit has been published and may be used.
CVSS 2.4
CVE-2026-1424 WRITEUP MEDIUM WRITEUP
PHPGurukul News Portal 1.0 - Unrestricted File Upload in Profile Pic Handler
A vulnerability was identified in PHPGurukul News Portal 1.0. This affects an unknown part of the component Profile Pic Handler. The manipulation leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit is publicly available and might be used.
CVSS 4.7
CVE-2026-1550 WRITEUP MEDIUM WRITEUP
PHPGurukul Hospital Management System 1.0 - Incorrect Privilege Assignment in Admin Dashboard Page
A security flaw has been discovered in PHPGurukul Hospital Management System 1.0. Affected by this issue is some unknown functionality of the file /hms/hospital/docappsystem/adminviews.py of the component Admin Dashboard Page. Performing a manipulation results in improper authorization. Remote exploitation of the attack is possible. The exploit has been released to the public and may be used for attacks.
CVSS 6.3