5.1
CVE-2025-2375 - PHPGurukul Human Metapneumovirus Testing Management System Admin Profile Page profile.php cross sit…
A vulnerability, which was classified as problematic, was found in PHPGurukul Human Metapneumovirus Testing Management System 1.0. Affected is an unknown function of the file /profile.php of the component Admin Profile Page. The manipulation of the argument email leads to cross site scripting. It i…
5.3
CVE-2025-2374 - PHPGurukul Human Metapneumovirus Testing Management System profile.php sql injection
A vulnerability, which was classified as critical, has been found in PHPGurukul Human Metapneumovirus Testing Management System 1.0. This issue affects some unknown processing of the file /profile.php. The manipulation of the argument aid/adminname/mobilenumber/email leads to sql injection. The att…
5.3
CVE-2025-2373 - PHPGurukul Human Metapneumovirus Testing Management System check_availability.php sql injection
A vulnerability classified as critical was found in PHPGurukul Human Metapneumovirus Testing Management System 1.0. This vulnerability affects unknown code of the file /check_availability.php. The manipulation of the argument mobnumber/employeeid leads to sql injection. The attack can be initiated …
6.9
CVE-2025-2202 - Broken access control vulnerability in the Innovación y Cualificación local administration plugin a…
Broken access control vulnerability in the Innovación y Cualificación local administration plugin ajax.php. This vulnerability allows an attacker to obtain sensitive information about other users such as id, name, login and email.
6.9
CVE-2025-2201 - Broken access control vulnerability in the Innovación y Cualificación IcProgreso plugin
Broken access control vulnerability in the IcProgress Innovación y Cualificación plugin. This vulnerability allows an attacker to obtain sensitive information about other users such as public IP addresses, messages with other users and more.
9.3
CVE-2025-2200 - SQL injection vulnerability in the Innovación y Cualificación IcProgreso plugin
SQL injection vulnerability in the IcProgreso Innovación y Cualificación plugin. This vulnerability allows an attacker to obtain, update and delete data from the database by injecting an SQL query on the parameters user, id, idGroup, start_date and end_date in the endpoint /report/icprogreso/genera…
9.3
CVE-2025-2199 - SQL injection vulnerability in the Innovación y Cualificación local administration plugin ajax.php
SQL injection vulnerability in the Innovación y Cualificación local administration plugin ajax.php. This vulnerability allows an attacker to obtain, update and delete data from the database by injecting an SQL query in ‘searchActionsToUpdate’, ‘searchSpecialitiesPending’, ‘searchSpecialitiesLinked’…
6.9
CVE-2025-2372 - PHPGurukul Human Metapneumovirus Testing Management System Password Recovery Page password-recovery…
A vulnerability classified as critical has been found in PHPGurukul Human Metapneumovirus Testing Management System 1.0. This affects an unknown part of the file /password-recovery.php of the component Password Recovery Page. The manipulation of the argument username leads to sql injection. It is p…
5.1
CVE-2025-2371 - PHPGurukul Human Metapneumovirus Testing Management System Registered Mobile Number Search register…
A vulnerability was found in PHPGurukul Human Metapneumovirus Testing Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /registered-user-testing.php of the component Registered Mobile Number Search. The manipulation of the argu…
0.0
CVE-2025-2400 -
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.