This page lists publicly disclosed CVE vulnerabilities affecting phpgurukul complaint_management_system (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2024-46335 | PHPGurukul Complaint Management System 2.0 is vulnerble to Cross Site Scripting (XSS) via the fromdate and todate parameters in between-date-userreport.php. | [email protected] | 4.6 | 0.17% | 2025-11-17 | 2026-06-17 |
| CVE-2024-44658 | PHPGurukul Complaint Management System 2.0 is vulnerable to SQL Injection via the subcategory and category parameters in subcategory.php. | [email protected] | 6.5 | 0.20% | 2025-11-17 | 2026-06-17 |
| CVE-2024-44655 | PHPGurukul Complaint Management System 2.0 is vulnerable to Cross Site Scripting (XSS) via the search parameter in user-search.php. | [email protected] | 6.1 | 0.19% | 2025-11-17 | 2026-06-17 |
| CVE-2024-44654 | PHPGurukul Complaint Management System 2.0 is vulnerable to SQL Injection via the email and mobileno parameters in reset-password.php. | [email protected] | 6.5 | 0.20% | 2025-11-17 | 2026-06-17 |
| CVE-2024-44657 | PHPGurukul Complaint Management System 2.0 is vulnerable to SQL Injection via the fromdate and todate parameters in between-date-userreport.php. | [email protected] | 6.5 | 0.20% | 2025-11-17 | 2026-06-17 |
| CVE-2025-57151 | phpgurukul Complaint Management System 2.0 is vulnerable to Cross Site Scripting (XSS) in admin/userprofile.php via the fullname parameter. | [email protected] | 8.8 | 0.56% | 2025-09-03 | 2026-06-17 |
| CVE-2025-57150 | phpgurukul Complaint Management System in PHP 2.0 is vulnerable to Cross Site Scripting (XSS) in admin/subcategory.php via the categoryName parameter. | [email protected] | 7.2 | 0.58% | 2025-09-03 | 2026-06-17 |
| CVE-2025-57149 | phpgurukul Complaint Management System 2.0 is vulnerable to SQL Injection in /complaint-details.php via the cid parameter. | [email protected] | 6.5 | 0.40% | 2025-09-03 | 2026-06-17 |
| CVE-2025-57147 | A SQL Injection vulnerability was found in phpgurukul Complaint Management System 2.0. The vulnerability is due to lack of input validation of multiple parameters including fullname, email, and contactno in user/registration.php. | [email protected] | 7.5 | 0.45% | 2025-09-03 | 2026-06-17 |
| CVE-2025-57146 | phpgurukul Complaint Management System in PHP 2.0 is vulnerable to SQL Injection in user/reset-password.php via the mobileno parameter. | [email protected] | 8.1 | 0.41% | 2025-09-03 | 2026-06-17 |
| CVE-2025-7834 | A vulnerability, which was classified as problematic, was found in PHPGurukul Complaint Management System 2.0. Affected is an unknown function. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | [email protected] | 2.1 | 0.21% | 2025-07-19 | 2026-06-17 |
| CVE-2025-7802 | A vulnerability was found in PHPGurukul Complaint Management System 2.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /admin/complaint-search.php. The manipulation of the argument Search leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | [email protected] | 2.0 | 0.16% | 2025-07-18 | 2026-06-17 |
| CVE-2025-5660 | A vulnerability, which was classified as critical, has been found in PHPGurukul Complaint Management System 2.0. Affected by this issue is some unknown functionality of the file /user/register-complaint.php. The manipulation of the argument noc leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | [email protected] | 5.3 | 0.36% | 2025-06-05 | 2026-06-17 |
| CVE-2025-5659 | A vulnerability classified as critical was found in PHPGurukul Complaint Management System 2.0. Affected by this vulnerability is an unknown functionality of the file /user/profile.php. The manipulation of the argument pincode leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | [email protected] | 5.3 | 0.36% | 2025-06-05 | 2026-06-17 |
| CVE-2025-5658 | A vulnerability classified as critical has been found in PHPGurukul Complaint Management System 2.0. Affected is an unknown function of the file /admin/updatecomplaint.php. The manipulation of the argument Status leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | [email protected] | 5.3 | 0.32% | 2025-06-05 | 2026-06-17 |
| CVE-2025-5657 | A vulnerability was found in PHPGurukul Complaint Management System 2.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/manage-users.php. The manipulation of the argument uid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | [email protected] | 5.3 | 0.32% | 2025-06-05 | 2026-06-17 |
| CVE-2025-5656 | A vulnerability was found in PHPGurukul Complaint Management System 2.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/edit-category.php. The manipulation of the argument description leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | [email protected] | 5.3 | 0.32% | 2025-06-05 | 2026-06-17 |
| CVE-2025-5655 | A vulnerability was found in PHPGurukul Complaint Management System 2.0. It has been classified as critical. This affects an unknown part of the file /admin/edit-subcategory.php. The manipulation of the argument subcategory leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | [email protected] | 5.3 | 0.32% | 2025-06-05 | 2026-06-17 |
| CVE-2025-5654 | A vulnerability was found in PHPGurukul Complaint Management System 2.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/edit-state.php. The manipulation of the argument description leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | [email protected] | 5.3 | 0.32% | 2025-06-05 | 2026-06-17 |
| CVE-2025-5653 | A vulnerability has been found in PHPGurukul Complaint Management System 2.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/between-date-userreport.php. The manipulation of the argument fromdate/todate leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | [email protected] | 5.3 | 0.32% | 2025-06-05 | 2026-06-17 |