CVE-2025-45018 – PHPGurukul Park Ticketing Management System SQL Injection

April 30, 2025

CVE ID : CVE-2025-45018

Published : April 30, 2025, 2:15 p.m. | 2 hours, 42 minutes ago

Description : A SQL Injection vulnerability was discovered in the foreigner-bwdates-reports-details.php file of PHPGurukul Park Ticketing Management System v2.0. This vulnerability allows remote attackers to execute arbitrary SQL code via the todate parameter.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-45015 – PHPGurukul Park Ticketing Management System Cross-Site Scripting (XSS)

Next Article CVE-2025-45017 – PHPGurukul Park Ticketing Management System SQL Injection Vulnerability

Highlights

CVE-2025-35996 – KUNBUS PiCtory Stored Cross-Site Scripting (XSS)

May 1, 2025

CVE ID : CVE-2025-35996

Published : May 1, 2025, 7:15 p.m. | 53 minutes ago

Description : KUNBUS PiCtory version 2.11.1 and earlier are vulnerable when an authenticated remote attacker crafts a special filename that can be stored by API endpoints. That filename is later transmitted to the client in order to show a list of configuration files. Due to a missing escape or sanitization, the filename could be executed as HTML script tag resulting in a cross-site-scripting attack.

Severity: 9.0 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

Microsoft Bing is stealing tens of millions of Google’s search users according to the latest data

Microsoft could bring Elon Musk’s Grok AI model to Azure — Cozying up with OpenAI’s arch-nemesis xAI for its AI Foundry

Grand Theft Auto 6 has been DELAYED — will now miss 2025 launch window entirely

Satya Nadella says Microsoft’s AI model performance is “doubling every 6 months”, despite the estranged OpenAI partnership

JavaScript Pulse: Weekly Dev Digest – May 2, 2025

JavaScript Pulse: Weekly Dev Digest – May 2, 2025

Making V8 eager to compile your JavaScript

Unlock More from Salesforce with the PrecisionIQ Assessment

Microsoft Bing is stealing tens of millions of Google’s search users according to the latest data

Microsoft Bing is stealing tens of millions of Google’s search users according to the latest data

Microsoft could bring Elon Musk’s Grok AI model to Azure — Cozying up with OpenAI’s arch-nemesis xAI for its AI Foundry

Grand Theft Auto 6 has been DELAYED — will now miss 2025 launch window entirely

CVE-2025-45018 – PHPGurukul Park Ticketing Management System SQL Injection

CISA Adds Two New Exploited Vulnerabilities to Its Catalog: CVE-2024-38475 and CVE-2023-44221

Attackers exploited old flaws to breach SonicWall SMA appliances (CVE-2024-38475, CVE-2023-44221)

Blueboat â€“ multi-tenant serverless JavaScript runtime

Assessing Noise Impact on Machine Learning Models for Voice Disorder Evaluation

CVE-2024-13808 – Xpro Elementor Addons – Pro WordPress Remote Code Execution Vulnerability

CHADTree – file explorer for Neovim

CVE-2025-35996 – KUNBUS PiCtory Stored Cross-Site Scripting (XSS)

North Korea-Linked Malware Targets Developers on Windows, Linux, and macOS

Tis the Season for Scammers: How to Stay Cyber Safe This Holiday

CVE-2025-3983 – AMTT Hotel Broadband Operation System NLog Down.php Remote Command Injection Vulnerability

CVE-2025-45018 – PHPGurukul Park Ticketing Management System SQL Injection

Related Posts