GCVE - cpe:2.3:a:phpgurukul:news_portal:4.1:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:phpgurukul:news_portal:4.1:*:*:*:*:*:*:*

part: a version: 4.1 update: *

Vendor	Phpgurukul (`43390843-85b8-5d5e-9218-29dc10c3657d`)
Product	News Portal (`95c43179-24cd-5906-99b2-eaddff407cc0`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2025-69992`	vulnerable	2026-06-03 15:12:26.262837	Details available phpgurukul News Portal Project V4.1 has File Upload Vulnerability via upload.php, which enables the upload of files of any format to the server without identity authentication. Published: 2026-01-13T00:00:00.000Z Updated: 2026-01-14T14:47:29.156Z Open on db.gcve.eu Reference links https://github.com/Y4y17/CVE/blob/main/News%20Portal%20Project/File%20upload%20vulnerability.md	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-69991`	vulnerable	2026-06-03 15:12:26.262569	Details available phpgurukul News Portal Project V4.1 is vulnerable to SQL Injection in check_availablity.php. Published: 2026-01-13T00:00:00.000Z Updated: 2026-01-14T14:49:09.164Z Open on db.gcve.eu Reference links https://github.com/Y4y17/CVE/blob/main/News%20Portal%20Project/SQL%20Injection.md	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-69990`	vulnerable	2026-06-03 15:12:26.262098	Details available phpgurukul News Portal Project V4.1 has an Arbitrary File Deletion Vulnerability in remove_file.php. The parameter file can cause any file to be deleted. Published: 2026-01-13T00:00:00.000Z Updated: 2026-01-14T14:30:04.693Z Open on db.gcve.eu Reference links https://github.com/Y4y17/CVE/blob/main/News%20Portal%20Project/File%20deletion%20vulnerability.md	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-4880`	vulnerable	2026-06-03 15:01:48.910926	PHPGurukul News Portal aboutus.php sql injection HIGH (7.3) A vulnerability has been found in PHPGurukul News Portal 4.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/aboutus.php. The manipulation of the argument pagetitle leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Published: 2025-05-18T13:00:09.485Z Updated: 2025-05-19T14:16:31.605Z Open on db.gcve.eu Reference links https://vuldb.com/?id.309433 https://vuldb.com/?ctiid.309433 https://vuldb.com/?submit.576264 https://github.com/Schatten-42/MyCVE/issues/8 https://phpgurukul.com/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-4874`	vulnerable	2026-06-03 15:01:48.895800	PHPGurukul News Portal Project contactus.php sql injection HIGH (7.3) A vulnerability was found in PHPGurukul News Portal Project 4.1 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/contactus.php. The manipulation of the argument pagetitle leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Published: 2025-05-18T12:00:10.385Z Updated: 2025-05-19T14:17:48.744Z Open on db.gcve.eu Reference links https://vuldb.com/?id.309416 https://vuldb.com/?ctiid.309416 https://vuldb.com/?submit.576251 https://github.com/Schatten-42/MyCVE/issues/7 https://phpgurukul.com/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-4873`	vulnerable	2026-06-03 15:01:48.894106	PHPGurukul News Portal Login index.php sql injection HIGH (7.3) A vulnerability has been found in PHPGurukul News Portal 4.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/index.php of the component Login. The manipulation of the argument Username leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Published: 2025-05-18T11:31:05.510Z Updated: 2025-05-19T14:18:21.507Z Open on db.gcve.eu Reference links https://vuldb.com/?id.309415 https://vuldb.com/?ctiid.309415 https://vuldb.com/?submit.576244 https://github.com/Schatten-42/MyCVE/issues/6 https://phpgurukul.com/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-1859`	vulnerable	2026-06-03 14:59:06.688566	PHPGurukul News Portal login.php sql injection HIGH (7.3) A vulnerability, which was classified as critical, has been found in PHPGurukul News Portal 4.1. This issue affects some unknown processing of the file /login.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Published: 2025-03-03T09:00:08.310Z Updated: 2025-03-03T12:33:24.270Z Open on db.gcve.eu Reference links https://vuldb.com/?id.298127 https://vuldb.com/?ctiid.298127 https://vuldb.com/?submit.506350 https://github.com/panghuanjie/Code-audits/issues/2 https://phpgurukul.com/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-3767`	vulnerable	2026-06-03 14:56:31.988389	PHPGurukul News Portal edit-post.php sql injection MEDIUM (6.3) A vulnerability classified as critical was found in PHPGurukul News Portal 4.1. This vulnerability affects unknown code of the file /admin/edit-post.php. The manipulation of the argument posttitle/category leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Published: 2024-04-15T03:00:05.339Z Updated: 2025-05-30T11:19:24.174Z Open on db.gcve.eu Reference links https://vuldb.com/?id.260614 https://vuldb.com/?ctiid.260614 https://vuldb.com/?submit.316290 https://github.com/BurakSevben/CVEs/blob/main/News%20Portal/News%20Portal%20-%20SQL%20Injection%20-%203.md https://phpgurukul.com/	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.