SourceCodester Best Salon Management System 注入漏洞

SourceCodester Best Salon Management System is a SourceCodester open source salon management system. SourceCodester Best Salon Management System version 1.0 has an injection vulnerability, the vulnerability stems from the incorrect operation of the parameter editid in the file /panel/edit-tax.php...

CVE-2025-6877

CVE-2025-6877 affects SourceCodester Best Salon Management System 1.0. The vulnerability lies in /panel/edit-category.php and is triggered by manipulating the editid parameter, resulting in a SQL injection. Remote exploitation is possible, and public disclosure exists. The exploitation status in ...

CVE-2025-6877 SourceCodester Best Salon Management System edit-category.php sql injection

A vulnerability was found in SourceCodester Best Salon Management System 1.0. It has been classified as critical. This affects an unknown part of the file /panel/edit-category.php. The manipulation of the argument editid leads to sql injection. It is possible to initiate the attack remotely. The...

CVE-2025-6875

A vulnerability has been found in SourceCodester Best Salon Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /panel/edit-subscription.php. The manipulation of the argument editid leads to sql injection. The attack can be...

CVE-2025-6876

The CVE-2025-6876 entry affects SourceCodester Best Salon Management System 1.0. The vulnerability is a SQL injection in the file /panel/add-category.php, triggered by manipulating the Name argument in an unknown function, with remote attack capability. Public exploit information is noted by sour...

CVE-2025-6876 SourceCodester Best Salon Management System add-category.php sql injection

A vulnerability was found in SourceCodester Best Salon Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /panel/add-category.php. The manipulation of the argument Name leads to sql injection. The attack may be launched remotely. The...

CVE-2025-6876 SourceCodester Best Salon Management System add-category.php sql injection

A vulnerability was found in SourceCodester Best Salon Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /panel/add-category.php. The manipulation of the argument Name leads to sql injection. The attack may be launched remotely. The...

CVE-2025-6875 SourceCodester Best Salon Management System edit-subscription.php sql injection

A vulnerability has been found in SourceCodester Best Salon Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /panel/edit-subscription.php. The manipulation of the argument editid leads to sql injection. The attack can be...

CVE-2025-6875

The CVE-2025-6875 issue affects SourceCodester Best Salon Management System 1.0. Affected functionality is in the file /panel/edit-subscription.php, where manipulating the editid parameter leads to an SQL injection. The vulnerability permits remote exploitation and has been disclosed publicly. Mu...

CVE-2025-6875 SourceCodester Best Salon Management System edit-subscription.php sql injection

A vulnerability has been found in SourceCodester Best Salon Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /panel/edit-subscription.php. The manipulation of the argument editid leads to sql injection. The attack can be...

CVE-2025-6874 SourceCodester Best Salon Management System add_subscribe.php sql injection

A vulnerability, which was classified as critical, was found in SourceCodester Best Salon Management System 1.0. Affected is an unknown function of the file /panel/addsubscribe.php. The manipulation of the argument userid/planid leads to sql injection. It is possible to launch the attack remotely...

CVE-2025-6874

CVE-2025-6874 affects SourceCodester Best Salon Management System v1.0. The vulnerability resides in the file /panel/add_subscribe.php , where manipulating the parameters user_id/plan_id leads to a SQL injection. It can be exploited remotely and the exploit has been disclosed publicly. If exploit...

CVE-2025-6862 SourceCodester Best Salon Management System edit_plan.php sql injection

A vulnerability classified as critical has been found in SourceCodester Best Salon Management System 1.0. Affected is an unknown function of the file /panel/editplan.php. The manipulation of the argument editid leads to sql injection. It is possible to launch the attack remotely. The exploit has...

CVE-2025-6859

A vulnerability was found in SourceCodester Best Salon Management System 1.0. It has been classified as critical. This affects an unknown part of the file /panel/prosale.php. The manipulation of the argument fromdate/todate leads to sql injection. It is possible to initiate the attack remotely. T...

CVE-2025-6860 SourceCodester Best Salon Management System staff_commision.php sql injection

A vulnerability was found in SourceCodester Best Salon Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /panel/staffcommision.php. The manipulation of the argument fromdate/todate leads to sql injection. The attack can be initiated...

CVE-2025-6860

The CVE-2025-6860 entry concerns SourceCodester Best Salon Management System 1.0, with a vulnerability in the file /panel/staff_commision.php where the manipulation of the fromdate and todate parameters enables SQL injection. This is a remote vulnerability with high impact, as indicated by multip...

CVE-2025-6859 SourceCodester Best Salon Management System pro_sale.php sql injection

A vulnerability was found in SourceCodester Best Salon Management System 1.0. It has been classified as critical. This affects an unknown part of the file /panel/prosale.php. The manipulation of the argument fromdate/todate leads to sql injection. It is possible to initiate the attack remotely. T...

CVE-2025-6859 SourceCodester Best Salon Management System pro_sale.php sql injection

A vulnerability was found in SourceCodester Best Salon Management System 1.0. It has been classified as critical. This affects an unknown part of the file /panel/prosale.php. The manipulation of the argument fromdate/todate leads to sql injection. It is possible to initiate the attack remotely. T...

PT-2025-27387 · Sourcecodester · Sourcecodester Best Pos Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Best Salon Management System version 1.0 Description: A critical issue has been discovered, affecting an unknown functionality of the file /panel/edit-subscription.php. The manipulation of the editid argument leads to SQL...

PT-2025-27389 · Unknown · Sourcecodester Best Pos Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Best Salon Management System version 1.0 Description: A critical issue was found in the system, affecting an unknown part of the file /panel/edit-category.php. The manipulation of the editid argument leads to SQL injection. It ...