Phpgurukul Small_crm
19 CVEs affecting Phpgurukul Small_crm. Latest disclosed: 2025-12-31. Critical: 0, High: 8.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-11053 | High | 7.3 | 2025-09-27 | A weakness has been identified in PHPGurukul Small CRM 4.0. This affects an unknown function of the file /forgot-password.php. Executing manipulation of the ar… |
CVE-2025-10664 | High | 7.3 | 2025-09-18 | A vulnerability was determined in PHPGurukul Small CRM 4.0. This impacts an unknown function of the file /create-ticket.php. Executing manipulation of the argu… |
CVE-2025-10114 | High | 7.3 | 2025-09-09 | A vulnerability was found in PHPGurukul Small CRM 4.0. Affected by this issue is some unknown functionality of the file /profile.php. The manipulation of the a… |
CVE-2025-10079 | High | 7.3 | 2025-09-08 | A flaw has been found in PHPGurukul Small CRM 4.0. Affected by this vulnerability is an unknown functionality of the file /get-quote.php. Executing manipulatio… |
CVE-2025-5227 | High | 7.3 | 2025-05-27 | A vulnerability was found in PHPGurukul Small CRM 3.0 and classified as critical. This issue affects some unknown processing of the file /admin/manage-tickets… |
CVE-2025-5226 | High | 7.3 | 2025-05-27 | A vulnerability has been found in PHPGurukul Small CRM 3.0 and classified as critical. This vulnerability affects unknown code of the file /admin/change-passwo… |
CVE-2024-3691 | High | 7.3 | 2024-04-12 | A vulnerability, which was classified as critical, has been found in PHPGurukul Small CRM 3.0. Affected by this issue is some unknown functionality of the comp… |
CVE-2025-50484 | High | 7.1 | 2025-07-28 | Improper session invalidation in the component /crm/change-password.php of PHPGurukul Small CRM v3.0 allows attackers to execute a session hijacking attack. |
CVE-2024-44648 | Medium | 6.5 | 2025-11-17 | PHPGurukul Small CRM 3.0 is vulnerable to SQL Injection via id and adminremark parameters in quote-details.php. |
CVE-2024-44644 | Medium | 6.5 | 2025-11-17 | PHPGurukul Small CRM 3.0 is vulnerable to SQL Injection via the frm_id and aremark parameters in manage-tickets.php. |
CVE-2024-44641 | Medium | 6.5 | 2025-11-17 | PHPGurukul Small CRM 3.0 is vulnerable to SQL Injection via the oldpass parameter in change-password.php. |
CVE-2025-15390 | Medium | 6.3 | 2025-12-31 | A security flaw has been discovered in PHPGurukul Small CRM 4.0. This impacts an unknown function of the file /admin/edit-user.php. The manipulation results in… |
CVE-2024-13001 | Medium | 6.3 | 2024-12-29 | A vulnerability was found in PHPGurukul Small CRM 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/index.php. The ma… |
CVE-2024-13000 | Medium | 6.3 | 2024-12-29 | A vulnerability was found in PHPGurukul Small CRM 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/quote-details.p… |
CVE-2024-12999 | Medium | 6.3 | 2024-12-29 | A vulnerability has been found in PHPGurukul Small CRM 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/edit-user.php… |
CVE-2024-3690 | Medium | 6.3 | 2024-04-12 | A vulnerability classified as critical was found in PHPGurukul Small CRM 3.0. Affected by this vulnerability is an unknown functionality of the component Chang… |
CVE-2024-44647 | Medium | 6.1 | 2025-11-17 | PHPGurukul Small CRM 3.0 is vulnerable to Cross Site Scripting (XSS) via the aremark parameter in manage-tickets.php. |
CVE-2024-48170 | Medium | 5.4 | 2025-02-10 | PHPGurukul Small CRM 3.0 is vulnerable to Cross Site Scripting (XSS) via a crafted payload injected into the name in the profile.php. |
CVE-2025-9834 | Low | 3.5 | 2025-09-02 | A flaw has been found in PHPGurukul Small CRM 4.0. Affected by this issue is some unknown functionality of the file /registration.php. Executing manipulation o… |