Santoshcyber1

Name of the Vulnerable Software and Affected Versions: PHPGurukul Land Record System version 1.0 Description: A SQL Injection issue was found in the /admin/bwdates-reports-details.php file, allowing remote attackers to execute arbitrary code via the `fromdate` POST request parameter. Recommendations: For PHPGurukul Land Record System version 1.0, consider disabling access to the /admin/bwdates-reports-details.php file until a patch is available, and restrict the use of the `fromdate` parameter in POST requests to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

Name of the Vulnerable Software and Affected Versions: PHPGurukul Land Record System version 1.0 Description: A SQL Injection issue was found in the /admin/manage-propertytype.php file, allowing remote attackers to execute arbitrary code via the `propertytype` POST request parameter. This enables attackers to potentially manipulate database queries, leading to unauthorized data access or modification. Recommendations: For PHPGurukul Land Record System version 1.0, consider disabling the `/admin/manage-propertytype.php` page or restricting access to it until a patch is available. Additionally, avoid using the `propertytype` parameter in the affected POST request until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this issue.

Name of the Vulnerable Software and Affected Versions: PHPGurukul Online DJ Booking Management System version 1.0 Description: A Reflected Cross Site Scripting (XSS) issue was found in the /odms/admin/user-search.php endpoint, allowing remote attackers to execute arbitrary code via the `searchdata` parameter. Recommendations: For PHPGurukul Online DJ Booking Management System version 1.0, consider disabling access to the /odms/admin/user-search.php endpoint until a patch is available. As a temporary workaround, restrict the use of the `searchdata` parameter in this endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.