Phpgurukul Small_crm

19 CVEs affecting Phpgurukul Small_crm. Latest disclosed: 2025-12-31. Critical: 0, High: 8.

Top CVEs affecting Phpgurukul Small_crm
CVESeverityScorePublishedSummary
CVE-2025-11053High7.32025-09-27A weakness has been identified in PHPGurukul Small CRM 4.0. This affects an unknown function of the file /forgot-password.php. Executing manipulation of the ar…
CVE-2025-10664High7.32025-09-18A vulnerability was determined in PHPGurukul Small CRM 4.0. This impacts an unknown function of the file /create-ticket.php. Executing manipulation of the argu…
CVE-2025-10114High7.32025-09-09A vulnerability was found in PHPGurukul Small CRM 4.0. Affected by this issue is some unknown functionality of the file /profile.php. The manipulation of the a…
CVE-2025-10079High7.32025-09-08A flaw has been found in PHPGurukul Small CRM 4.0. Affected by this vulnerability is an unknown functionality of the file /get-quote.php. Executing manipulatio…
CVE-2025-5227High7.32025-05-27A vulnerability was found in PHPGurukul Small CRM 3.0 and classified as critical. This issue affects some unknown processing of the file /admin/manage-tickets…
CVE-2025-5226High7.32025-05-27A vulnerability has been found in PHPGurukul Small CRM 3.0 and classified as critical. This vulnerability affects unknown code of the file /admin/change-passwo…
CVE-2024-3691High7.32024-04-12A vulnerability, which was classified as critical, has been found in PHPGurukul Small CRM 3.0. Affected by this issue is some unknown functionality of the comp…
CVE-2025-50484High7.12025-07-28Improper session invalidation in the component /crm/change-password.php of PHPGurukul Small CRM v3.0 allows attackers to execute a session hijacking attack.
CVE-2024-44648Medium6.52025-11-17PHPGurukul Small CRM 3.0 is vulnerable to SQL Injection via id and adminremark parameters in quote-details.php.
CVE-2024-44644Medium6.52025-11-17PHPGurukul Small CRM 3.0 is vulnerable to SQL Injection via the frm_id and aremark parameters in manage-tickets.php.
CVE-2024-44641Medium6.52025-11-17PHPGurukul Small CRM 3.0 is vulnerable to SQL Injection via the oldpass parameter in change-password.php.
CVE-2025-15390Medium6.32025-12-31A security flaw has been discovered in PHPGurukul Small CRM 4.0. This impacts an unknown function of the file /admin/edit-user.php. The manipulation results in…
CVE-2024-13001Medium6.32024-12-29A vulnerability was found in PHPGurukul Small CRM 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/index.php. The ma…
CVE-2024-13000Medium6.32024-12-29A vulnerability was found in PHPGurukul Small CRM 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/quote-details.p…
CVE-2024-12999Medium6.32024-12-29A vulnerability has been found in PHPGurukul Small CRM 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/edit-user.php…
CVE-2024-3690Medium6.32024-04-12A vulnerability classified as critical was found in PHPGurukul Small CRM 3.0. Affected by this vulnerability is an unknown functionality of the component Chang…
CVE-2024-44647Medium6.12025-11-17PHPGurukul Small CRM 3.0 is vulnerable to Cross Site Scripting (XSS) via the aremark parameter in manage-tickets.php.
CVE-2024-48170Medium5.42025-02-10PHPGurukul Small CRM 3.0 is vulnerable to Cross Site Scripting (XSS) via a crafted payload injected into the name in the profile.php.
CVE-2025-9834Low3.52025-09-02A flaw has been found in PHPGurukul Small CRM 4.0. Affected by this issue is some unknown functionality of the file /registration.php. Executing manipulation o…