baixiaobi

6 exploits Active since Apr 2025
CVE-2025-28072 WRITEUP HIGH WRITEUP
Phpgurukul Pre-school Enrollment System - Path Traversal
PHPGurukul Pre-School Enrollment System is vulnerable to Directory Traversal in manage-teachers.php.
CVSS 7.5
CVE-2025-50348 WRITEUP HIGH WRITEUP
PHPGurukul Pre-School Enrollment System Project V1.0 - Path Traversal
PHPGurukul Pre-School Enrollment System Project V1.0 is vulnerable to Directory Traversal in update-class-pic.php.
CVSS 7.5
CVE-2025-50349 WRITEUP HIGH WRITEUP
PHPGurukul Pre-School Enrollment System Project V1.0 - Path Traversal
PHPGurukul Pre-School Enrollment System Project V1.0 is vulnerable to Directory Traversal in update-teacher-pic.php.
CVSS 7.5
CVE-2025-50350 WRITEUP MEDIUM WRITEUP
PHPGurukul Pre-School Enrollment System Project <v1.0 - Path Traversal
PHPGurukul Pre-School Enrollment System Project v1.0 is vulnerable to Directory Traversal in manage-classes.php.
CVSS 5.4
CVE-2025-56074 WRITEUP CRITICAL WRITEUP
PHPGurukul Park Ticketing Mgmt <2.0 - SQL Injection
A SQL Injection vulnerability was discovered in the foreigner-bwdates-reports-details.php file of PHPGurukul Park Ticketing Management System v2.0. This vulnerability allows remote attackers to execute arbitrary SQL code via the fromdate parameter in a POST request.
CVSS 9.8
CVE-2025-56075 WRITEUP MEDIUM WRITEUP
PHPGurukul Park Ticketing Mgmt <2.0 - SQL Injection
A SQL Injection vulnerability was discovered in the normal-bwdates-reports-details.php file of PHPGurukul Park Ticketing Management System v2.0. This vulnerability allows remote attackers to execute arbitrary SQL code via the fromdate parameter in a POST request.
CVSS 5.4