Home/Product/phpgurukul small crm
Product

phpgurukul small crm

26 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2025-15390
<= 4.0
A security flaw has been discovered in PHPGurukul Small CRM 4.0. This impacts an unknown function of the file /admin/edit-user.php
6.3MEDIUM
 CVE-2024-44648
all versions
PHPGurukul Small CRM 3.0 is vulnerable to SQL Injection via id and adminremark parameters in quote-details.php.
6.5MEDIUM
 CVE-2024-44647
all versions
PHPGurukul Small CRM 3.0 is vulnerable to Cross Site Scripting (XSS) via the aremark parameter in manage-tickets.php.
6.1MEDIUM
 CVE-2024-44644
all versions
PHPGurukul Small CRM 3.0 is vulnerable to SQL Injection via the frm_id and aremark parameters in manage-tickets.php.
6.5MEDIUM
 CVE-2024-44641
all versions
PHPGurukul Small CRM 3.0 is vulnerable to SQL Injection via the oldpass parameter in change-password.php.
6.5MEDIUM
 CVE-2025-11053
all versions
A weakness has been identified in PHPGurukul Small CRM 4.0. This affects an unknown function of the file /forgot-password.php. Exe
7.3HIGH
 CVE-2025-10664
all versions
A vulnerability was determined in PHPGurukul Small CRM 4.0. This impacts an unknown function of the file /create-ticket.php. Execu
7.3HIGH
 CVE-2025-10114
all versions
A vulnerability was found in PHPGurukul Small CRM 4.0. Affected by this issue is some unknown functionality of the file /profile.p
7.3HIGH
 CVE-2025-10079
all versions
A flaw has been found in PHPGurukul Small CRM 4.0. Affected by this vulnerability is an unknown functionality of the file /get-quo
7.3HIGH
 CVE-2025-9834
all versions
A flaw has been found in PHPGurukul Small CRM 4.0. Affected by this issue is some unknown functionality of the file /registration.
3.5LOW
 CVE-2025-50484
all versions
Improper session invalidation in the component /crm/change-password.php of PHPGurukul Small CRM v3.0 allows attackers to execute a
7.1HIGH
 CVE-2025-5227
all versions
A vulnerability was found in PHPGurukul Small CRM 3.0 and classified as critical. This issue affects some unknown processing of th
7.3HIGH
 CVE-2025-5226
all versions
A vulnerability has been found in PHPGurukul Small CRM 3.0 and classified as critical. This vulnerability affects unknown code of
7.3HIGH
 CVE-2024-48170
all versions
PHPGurukul Small CRM 3.0 is vulnerable to Cross Site Scripting (XSS) via a crafted payload injected into the name in the profile.p
5.4MEDIUM
 CVE-2024-13001
all versions
A vulnerability was found in PHPGurukul Small CRM 1.0. It has been classified as critical. Affected is an unknown function of the
6.3MEDIUM
 CVE-2024-13000
all versions
A vulnerability was found in PHPGurukul Small CRM 1.0 and classified as critical. This issue affects some unknown processing of th
6.3MEDIUM
 CVE-2024-12999
all versions
A vulnerability has been found in PHPGurukul Small CRM 1.0 and classified as critical. This vulnerability affects unknown code of
6.3MEDIUM
 CVE-2024-3691
all versions
A vulnerability, which was classified as critical, has been found in PHPGurukul Small CRM 3.0. Affected by this issue is some unkn
7.3HIGH
 CVE-2024-3690
all versions
A vulnerability classified as critical was found in PHPGurukul Small CRM 3.0. Affected by this vulnerability is an unknown functio
6.3MEDIUM
 CVE-2023-50035
all versions
PHPGurukul Small CRM 3.0 is vulnerable to SQL Injection on the Users login panel because of "password" parameter is directly used
9.8CRITICAL
 CVE-2023-45394
all versions
Stored Cross-Site Scripting (XSS) vulnerability in the Company field in the "Request a Quote" Section of Small CRM v3.0 allows an
5.4MEDIUM
 CVE-2023-44075
all versions
Cross Site Scripting vulnerability in Small CRM in PHP v.3.0 allows a remote attacker to execute arbitrary code via a crafted payl
5.4MEDIUM
 CVE-2023-43331
all versions
A cross-site scripting (XSS) vulnerability in the Add User function of Small CRM v3.0 allows attackers to execute arbitrary web sc
5.4MEDIUM
 CVE-2023-34650
all versions
PHPgurukl Small CRM v.1.0 is vulnerable to Cross Site Scripting (XSS).
6.1MEDIUM
 CVE-2022-47073
all versions
A cross-site scripting (XSS) vulnerability in the Create Ticket page of Small CRM v3.0 allows attackers to execute arbitrary web s
5.4MEDIUM
 CVE-2020-5511
all versions
PHPGurukul Small CRM v2.0 was found vulnerable to authentication bypass via SQL injection when logging into the administrator logi
8.8HIGH
SOC and Response
CVE triage
Stack monitoring
Am I affected
IOC triage
KEV catalog
Recently exploited
Daily brief
Change tracking
Detection Engineering
Coverage workspace
Detection coverage
Coverage check
Telemetry ceiling
SIEM query builder
Sigma rules
SIEM rules
YARA rules
Network rules
D3FEND
Threat Hunting
Threat actors
ATT&CK techniques
Attack paths
Indicators
Atomic tests
Red Team and Pentest
Exploitability triage
Recon pack
Attack paths
CAPEC patterns
Adversary emulation
Compliance and GRC
Framework mapping
Control assessment
Audit view
Coverage report
Atlas Search Threat actors Techniques Tools & malware CWE CAPEC KEV catalog Package vulns
About All capabilities Pricing API docs Live status Privacy policy Terms of service
threatengine.sh