Every CVE whose affected-product data names Phpgurukul Small Crm, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (19)
CVE-2025-5227 — CVSS 7.3 (high): A vulnerability was found in PHPGurukul Small CRM 3.0 and classified as critical. This issue affects some unknown processing of the file…
CVE-2024-3691 — CVSS 7.3 (high): A vulnerability, which was classified as critical, has been found in PHPGurukul Small CRM 3.0. Affected by this issue is some unknown…
CVE-2025-10079 — CVSS 7.3 (high): A flaw has been found in PHPGurukul Small CRM 4.0. Affected by this vulnerability is an unknown functionality of the file /get-quote.php…
CVE-2025-10114 — CVSS 7.3 (high): A vulnerability was found in PHPGurukul Small CRM 4.0. Affected by this issue is some unknown functionality of the file /profile.php. The…
CVE-2025-10664 — CVSS 7.3 (high): A vulnerability was determined in PHPGurukul Small CRM 4.0. This impacts an unknown function of the file /create-ticket.php. Executing…
CVE-2025-11053 — CVSS 7.3 (high): A weakness has been identified in PHPGurukul Small CRM 4.0. This affects an unknown function of the file /forgot-password.php. Executing…
CVE-2025-5226 — CVSS 7.3 (high): A vulnerability has been found in PHPGurukul Small CRM 3.0 and classified as critical. This vulnerability affects unknown code of the file…
CVE-2025-50484 — CVSS 7.1 (high): Improper session invalidation in the component /crm/change-password.php of PHPGurukul Small CRM v3.0 allows attackers to execute a session…
CVE-2024-44644 — CVSS 6.5 (medium): PHPGurukul Small CRM 3.0 is vulnerable to SQL Injection via the frm_id and aremark parameters in manage-tickets.php.
CVE-2024-44648 — CVSS 6.5 (medium): PHPGurukul Small CRM 3.0 is vulnerable to SQL Injection via id and adminremark parameters in quote-details.php.
CVE-2024-44641 — CVSS 6.5 (medium): PHPGurukul Small CRM 3.0 is vulnerable to SQL Injection via the oldpass parameter in change-password.php.
CVE-2024-3690 — CVSS 6.3 (medium): A vulnerability classified as critical was found in PHPGurukul Small CRM 3.0. Affected by this vulnerability is an unknown functionality of…
CVE-2024-13001 — CVSS 6.3 (medium): A vulnerability was found in PHPGurukul Small CRM 1.0. It has been classified as critical. Affected is an unknown function of the file…
CVE-2024-12999 — CVSS 6.3 (medium): A vulnerability has been found in PHPGurukul Small CRM 1.0 and classified as critical. This vulnerability affects unknown code of the file…
CVE-2025-15390 — CVSS 6.3 (medium): A security flaw has been discovered in PHPGurukul Small CRM 4.0. This impacts an unknown function of the file /admin/edit-user.php. The…
CVE-2024-13000 — CVSS 6.3 (medium): A vulnerability was found in PHPGurukul Small CRM 1.0 and classified as critical. This issue affects some unknown processing of the file…
CVE-2024-44647 — CVSS 6.1 (medium): PHPGurukul Small CRM 3.0 is vulnerable to Cross Site Scripting (XSS) via the aremark parameter in manage-tickets.php.
CVE-2024-48170 — CVSS 5.4 (medium): PHPGurukul Small CRM 3.0 is vulnerable to Cross Site Scripting (XSS) via a crafted payload injected into the name in the profile.php.
CVE-2025-9834 — CVSS 3.5 (low): A flaw has been found in PHPGurukul Small CRM 4.0. Affected by this issue is some unknown functionality of the file /registration.php…