Litbot

**Name of the Vulnerable Software and Affected Versions** PHPGurukul Online Course Registration version 3.1 **Description** A SQL injection issue exists in PHPGurukul Online Course Registration version 3.1. The issue is located in the `/my-profile.php` file. Manipulation of the `cgpa` argument can trigger the vulnerability. The attack can be initiated remotely, and the exploit has been made public. **Recommendations** As a mitigation, sanitize the `cgpa` argument in the `/my-profile.php` file to prevent SQL injection.

**Name of the Vulnerable Software and Affected Versions** PHPGurukul Beauty Parlour Management System version 1.1 **Description** A SQL injection issue exists in PHPGurukul Beauty Parlour Management System version 1.1. The issue is located in the `/admin/readenq.php` file, within an unknown function. Manipulation of the `delid` parameter can lead to SQL injection, and the attack can be executed remotely. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** PHPGurukul Beauty Parlour Management System version 1.1 **Description** A vulnerability has been found in PHPGurukul Beauty Parlour Management System 1.1. This affects an unknown function of the file `/admin/view-enquiry.php`. The manipulation of the argument `viewid` leads to SQL injection. The attack is possible to be carried out remotely. The exploit has been disclosed to the public. **Recommendations** As a temporary workaround, consider restricting access to the `/admin/view-enquiry.php` file until a patch is available. Sanitize the `viewid` parameter before using it in any database queries.

Name of the Vulnerable Software and Affected Versions: PHPGurukul Hospital Management System version 4.0 Description: A SQL injection issue exists in PHPGurukul Hospital Management System 4.0, specifically within the `/admin/doctor-specilization.php` file. The `doctorspecilization` argument is susceptible to manipulation, allowing for remote exploitation. The exploit details have been publicly disclosed. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: PHPGurukul Hospital Management System version 4.0 Description: A vulnerability exists in PHPGurukul Hospital Management System 4.0, affecting unknown code within the `/admin/edit-doctor.php` file. Manipulation of the `docfees` argument results in a SQL injection. The attack can be initiated remotely, and the exploit has been publicly disclosed. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** PHPGurukul User Registration & Login and User Management System version 3.3 **Description** A critical vulnerability has been found in the PHPGurukul User Registration & Login and User Management System. This issue affects unknown code of the file /edit-profile.php. The manipulation of the `Contact` argument leads to SQL injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. **Recommendations** For PHPGurukul User Registration & Login and User Management System version 3.3, as a temporary workaround, consider disabling the `Contact` argument in the /edit-profile.php file until a patch is available. Restrict access to the /edit-profile.php file to minimize the risk of exploitation. Avoid using the `Contact` argument in the affected file until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.