Phpgurukul Online_shopping_portal

33 CVEs affecting Phpgurukul Online_shopping_portal. Latest disclosed: 2025-11-25. Critical: 3, High: 7.

Top CVEs affecting Phpgurukul Online_shopping_portal
CVESeverityScorePublishedSummary
CVE-2024-44659Critical9.82025-11-17PHPGurukul Online Shopping Portal 2.0 is vulnerable to SQL Injection via the email parameter in forgot-password.php.
CVE-2021-46110Critical9.82022-02-18Online Shopping Portal v3.1 was discovered to contain multiple time-based SQL injection vulnerabilities via the email and contactno parameters.
CVE-2025-57148Critical9.12025-09-03phpgurukul Online Shopping Portal 2.0 is vulnerable to Arbitrary File Upload in /admin/insert-product.php, due to the lack of extension validation.
CVE-2023-38890High8.82023-08-18Online Shopping Portal Project 3.1 allows remote attackers to execute arbitrary SQL commands/queries via the login form, leading to unauthorized access and pot…
CVE-2023-37772High8.82023-08-01Online Shopping Portal Project v3.1 was discovered to contain a SQL injection vulnerability via the Email parameter at /shopping/login.php.
CVE-2021-37807High7.52021-10-27An SQL Injection vulneraility exists in https://phpgurukul.com Online Shopping Portal 3.1 via the email parameter on the /check_availability.php endpoint that…
CVE-2025-5367High7.32025-05-31A vulnerability was found in PHPGurukul Online Shopping Portal Project 1.0. It has been declared as critical. This vulnerability affects unknown code of the fi…
CVE-2025-5079High7.32025-05-22A flaw has been found in PHPGurukul/Campcodes Online Shopping Portal 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/updateo…
CVE-2025-5078High7.32025-05-22A vulnerability was detected in PHPGurukul/Campcodes Online Shopping Portal 1.0. Affected is an unknown function of the file /admin/subcategory.php. Performing…
CVE-2024-9326High7.32024-09-29A vulnerability classified as critical was found in PHPGurukul Online Shopping Portal 2.0. This vulnerability affects unknown code of the file /shopping/admin/…
CVE-2024-44664Medium6.52025-11-17PHPGurukul Online Shopping Portal 2.0 is vulnerable to SQL Injection via the name, summary, review, quality, price, and value parameters in product-details.php.
CVE-2024-44663Medium6.52025-11-17PHPGurukul Online Shopping Portal 2.0 is vulnerable to SQL Injection via the product parameter in search-result.php.
CVE-2024-44662Medium6.52025-11-17PHPGurukul Online Shopping Portal 2.0 is vulnerable to SQL Injection via the username parameter in the admin page.
CVE-2024-44660Medium6.52025-11-17PHPGurukul Online Shopping Portal 2.0 is vulnerable to SQL Injection via the fullname, emailid, and contactno parameters in login.php.
CVE-2023-3605Medium6.52023-07-10A vulnerability was found in PHPGurukul Online Shopping Portal 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionalit…
CVE-2025-1855Medium6.32025-03-03A vulnerability was found in PHPGurukul Online Shopping Portal 2.1. It has been declared as critical. Affected by this vulnerability is an unknown functionalit…
CVE-2025-1578Medium6.32025-02-23A vulnerability, which was classified as critical, was found in PHPGurukul/Campcodes Online Shopping Portal 2.1. This affects an unknown part of the file /sear…
CVE-2025-52074Medium6.12025-09-12PHPGURUKUL Online Shopping Portal 2.1 is vulnerable to Cross Site Scripting (XSS) due to lack of input sanitization in the quantity parameter when adding a pro…
CVE-2024-39090Medium6.12024-07-18The PHPGurukul Online Shopping Portal Project version 2.0 contains a vulnerability that allows Cross-Site Request Forgery (CSRF) to lead to Stored Cross-Site S…
CVE-2024-44661Medium5.42025-11-17PHPGurukul Online Shopping Portal 2.0 is vulnerable to Cross Site Scripting (XSS) via the quantity parameter in my-cart.php.