CVE-2025-63298

A path traversal vulnerability was identified in SourceCodester Pet Grooming Management System 1.0, affecting the admin/managewebsite.php component. An authenticated user with administrative privileges can leverage this flaw by submitting a specially crafted POST request, enabling the deletion of...

SourceCodester Pet Grooming Management System 安全漏洞

SourceCodester Pet Grooming Management System is a SourceCodester open source pet grooming management system. A security vulnerability exists in SourceCodester Pet Grooming Management System version 1.0, which stems from a path traversal in the admin/managewebsite.php component that could lead to...

PT-2025-44449

Name of the Vulnerable Software and Affected Versions SourceCodester Pet Grooming Management System version 1.0 Description A path traversal flaw exists in the admin/manage website.php component of the software. An authenticated user possessing administrative privileges can exploit this issue by...

CVE-2025-63298

SourceCodester Pet Grooming Management System 1.0 contains a path traversal vulnerability in admin/manage_website.php. An authenticated user with administrative privileges can exploit a crafted POST request to delete arbitrary files on the web server or underlying operating system. The vulnerabil...

CVE-2025-12332

A flaw has been found in SourceCodester Student Grades Management System 1.0. This affects the function deleteuser of the file /admin.php. Executing manipulation can lead to cross site scripting. The attack may be performed from remote. The exploit has been published and may be used...

CVE-2025-12294

A security flaw has been discovered in SourceCodester Point of Sales 1.0. Impacted is an unknown function of the file /deletecategory.php. Performing manipulation of the argument ID results in sql injection. The attack can be initiated remotely. The exploit has been released to the public and may...

CVE-2025-12293

A vulnerability was identified in SourceCodester Point of Sales 1.0. This issue affects some unknown processing of the file /category.php. Such manipulation of the argument Category leads to sql injection. It is possible to launch the attack remotely. The exploit is publicly available and might b...

CVE-2025-12257

A security vulnerability has been detected in SourceCodester Online Student Result System 1.0. This issue affects some unknown processing of the file /viewresult.php. The manipulation of the argument ID leads to sql injection. The attack is possible to be carried out remotely. The exploit has bee...

CVE-2025-12226

A vulnerability was found in SourceCodester Best House Rental Management System 1.0. Impacted is the function savehouse of the file /adminclass.php. Performing manipulation of the argument houseno results in sql injection. Remote exploitation of the attack is possible. The exploit has been made...

EUVD-2025-36369

A flaw has been found in SourceCodester Student Grades Management System 1.0. This affects the function deleteuser of the file /admin.php. Executing manipulation can lead to cross site scripting. The attack may be performed from remote. The exploit has been published and may be used...

CVE-2025-12332

A flaw has been found in SourceCodester Student Grades Management System 1.0. This affects the function deleteuser of the file /admin.php. Executing manipulation can lead to cross site scripting. The attack may be performed from remote. The exploit has been published and may be used...

CVE-2025-12332

A flaw has been found in SourceCodester Student Grades Management System 1.0. This affects the function deleteuser of the file /admin.php. Executing manipulation can lead to cross site scripting. The attack may be performed from remote. The exploit has been published and may be used...

CVE-2025-12332 SourceCodester Student Grades Management System admin.php delete_user cross site scripting

A flaw has been found in SourceCodester Student Grades Management System 1.0. This affects the function deleteuser of the file /admin.php. Executing manipulation can lead to cross site scripting. The attack may be performed from remote. The exploit has been published and may be used...

CVE-2025-12332 SourceCodester Student Grades Management System admin.php delete_user cross site scripting

A flaw has been found in SourceCodester Student Grades Management System 1.0. This affects the function deleteuser of the file /admin.php. Executing manipulation can lead to cross site scripting. The attack may be performed from remote. The exploit has been published and may be used...

CVE-2025-12332

Summary: CVE-2025-12332 concerns SourceCodester Student Grades Management System 1.0. The vulnerability lies in the delete_user function in /admin.php, where manipulation can trigger cross-site scripting and may be exploited remotely. Multiple sources confirm that an exploit has been published. I...

CVE-2025-12325

A vulnerability has been found in SourceCodester Best Salon Management System 1.0. This affects an unknown part of the file /panel/forgot-password.php. The manipulation of the argument email leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public...

CVE-2025-12325

A vulnerability has been found in SourceCodester Best Salon Management System 1.0. This affects an unknown part of the file /panel/forgot-password.php. The manipulation of the argument email leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public...

EUVD-2025-36340

A vulnerability has been found in SourceCodester Best Salon Management System 1.0. This affects an unknown part of the file /panel/forgot-password.php. The manipulation of the argument email leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public...

CVE-2025-12325

CVE-2025-12325 affects SourceCodester Best Salon Management System 1.0. The vulnerability is in panel/forgot-password.php where the email parameter is manipulated to cause SQL injection. It is exploitable remotely, and the exploit has been disclosed publicly. Public sources across multiple feeds ...

EUVD-2025-36199

A vulnerability was determined in SourceCodester Point of Sales 1.0. This vulnerability affects unknown code of the file /index.php. This manipulation of the argument Username causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be...