Phpgurukul Online_shopping_portal
33 CVEs affecting Phpgurukul Online_shopping_portal. Latest disclosed: 2025-11-25. Critical: 3, High: 7.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-44659 | Critical | 9.8 | 2025-11-17 | PHPGurukul Online Shopping Portal 2.0 is vulnerable to SQL Injection via the email parameter in forgot-password.php. |
CVE-2021-46110 | Critical | 9.8 | 2022-02-18 | Online Shopping Portal v3.1 was discovered to contain multiple time-based SQL injection vulnerabilities via the email and contactno parameters. |
CVE-2025-57148 | Critical | 9.1 | 2025-09-03 | phpgurukul Online Shopping Portal 2.0 is vulnerable to Arbitrary File Upload in /admin/insert-product.php, due to the lack of extension validation. |
CVE-2023-38890 | High | 8.8 | 2023-08-18 | Online Shopping Portal Project 3.1 allows remote attackers to execute arbitrary SQL commands/queries via the login form, leading to unauthorized access and pot… |
CVE-2023-37772 | High | 8.8 | 2023-08-01 | Online Shopping Portal Project v3.1 was discovered to contain a SQL injection vulnerability via the Email parameter at /shopping/login.php. |
CVE-2021-37807 | High | 7.5 | 2021-10-27 | An SQL Injection vulneraility exists in https://phpgurukul.com Online Shopping Portal 3.1 via the email parameter on the /check_availability.php endpoint that… |
CVE-2025-5367 | High | 7.3 | 2025-05-31 | A vulnerability was found in PHPGurukul Online Shopping Portal Project 1.0. It has been declared as critical. This vulnerability affects unknown code of the fi… |
CVE-2025-5079 | High | 7.3 | 2025-05-22 | A flaw has been found in PHPGurukul/Campcodes Online Shopping Portal 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/updateo… |
CVE-2025-5078 | High | 7.3 | 2025-05-22 | A vulnerability was detected in PHPGurukul/Campcodes Online Shopping Portal 1.0. Affected is an unknown function of the file /admin/subcategory.php. Performing… |
CVE-2024-9326 | High | 7.3 | 2024-09-29 | A vulnerability classified as critical was found in PHPGurukul Online Shopping Portal 2.0. This vulnerability affects unknown code of the file /shopping/admin/… |
CVE-2024-44664 | Medium | 6.5 | 2025-11-17 | PHPGurukul Online Shopping Portal 2.0 is vulnerable to SQL Injection via the name, summary, review, quality, price, and value parameters in product-details.php. |
CVE-2024-44663 | Medium | 6.5 | 2025-11-17 | PHPGurukul Online Shopping Portal 2.0 is vulnerable to SQL Injection via the product parameter in search-result.php. |
CVE-2024-44662 | Medium | 6.5 | 2025-11-17 | PHPGurukul Online Shopping Portal 2.0 is vulnerable to SQL Injection via the username parameter in the admin page. |
CVE-2024-44660 | Medium | 6.5 | 2025-11-17 | PHPGurukul Online Shopping Portal 2.0 is vulnerable to SQL Injection via the fullname, emailid, and contactno parameters in login.php. |
CVE-2023-3605 | Medium | 6.5 | 2023-07-10 | A vulnerability was found in PHPGurukul Online Shopping Portal 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionalit… |
CVE-2025-1855 | Medium | 6.3 | 2025-03-03 | A vulnerability was found in PHPGurukul Online Shopping Portal 2.1. It has been declared as critical. Affected by this vulnerability is an unknown functionalit… |
CVE-2025-1578 | Medium | 6.3 | 2025-02-23 | A vulnerability, which was classified as critical, was found in PHPGurukul/Campcodes Online Shopping Portal 2.1. This affects an unknown part of the file /sear… |
CVE-2025-52074 | Medium | 6.1 | 2025-09-12 | PHPGURUKUL Online Shopping Portal 2.1 is vulnerable to Cross Site Scripting (XSS) due to lack of input sanitization in the quantity parameter when adding a pro… |
CVE-2024-39090 | Medium | 6.1 | 2024-07-18 | The PHPGurukul Online Shopping Portal Project version 2.0 contains a vulnerability that allows Cross-Site Request Forgery (CSRF) to lead to Stored Cross-Site S… |
CVE-2024-44661 | Medium | 5.4 | 2025-11-17 | PHPGurukul Online Shopping Portal 2.0 is vulnerable to Cross Site Scripting (XSS) via the quantity parameter in my-cart.php. |