Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
beauty parlour management system vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2024-11257
A vulnerability classified as critical has been found in 1000 Projects Beauty Parlour Management System 1.0. This affects an unknown part of the file /admin/forgot-password.php. The manipulation of the argument email leads to sql injection. It is possible to initiate the attack r...
1000projects Beauty Parlour Management System 1.0
9.8
CVSSv3
CVE-2024-51065
Phpgurukul Beauty Parlour Management System v1.1 is vulnerable to SQL Injection in admin/index.php via the the username parameter.
7.5
CVSSv3
CVE-2024-51066
An Insecure Direct Object Reference (IDOR) vulnerability in appointment-detail.php in Phpgurukul's Beauty Parlour Management System v1.1 allows unauthorized access to the Personally Identifiable Information (PII) of other customers.
5.9
CVSSv3
CVE-2024-37798
Cross-site scripting (XSS) vulnerability in search-appointment.php in the Admin Panel in Phpgurukul Beauty Parlour Management System 1.0 allows remote malicious users to inject arbitrary web script or HTML via the search input field.
7.3
CVSSv3
CVE-2024-11591
A vulnerability, which was classified as critical, was found in 1000 Projects Beauty Parlour Management System 1.0. This affects an unknown part of the file /admin/add-services.php. The manipulation of the argument sername leads to sql injection. It is possible to initiate the at...
7.3
CVSSv3
CVE-2024-11592
A vulnerability has been found in 1000 Projects Beauty Parlour Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/about-us.php. The manipulation of the argument pagetitle leads to sql injection. The attack can be initiated...
7.3
CVSSv3
CVE-2024-12234
A vulnerability was found in 1000 Projects Beauty Parlour Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/edit-customer-detailed.php. The manipulation of the argument name leads to sql injection. It is possible to laun...
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SQL injection
CVE-2024-52320
SQL
logic flaw
CVE-2024-6387
CVE-2024-11457
CVE-2024-11329
CVE-2024-50404
CVE-2023-48788
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2