Lucene search
K

224 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:45 p.m.11 views

CVE-2026-37431

Beauty Parlour Management System v1.1 was discovered to contain a SQL injection vulnerability via the aptnumber parameter in the /appointment-detail.php endpoint. This vulnerability allows attackers to access sensitive database information via a crafted SQL statement...

9.8CVSS5.6AI score0.0026EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/08 3:31 p.m.12 views

EUVD-2026-28644

Beauty Parlour Management System v1.1 was discovered to contain a SQL injection vulnerability via the aptnumber parameter in the /appointment-detail.php endpoint. This vulnerability allows attackers to access sensitive database information via a crafted SQL statement...

9.8CVSS5.9AI score0.0026EPSS
Exploits0References2
CVE
CVE
added 2026/05/08 12:0 a.m.15 views

CVE-2026-37431

Affected product: Beauty Parlour Management System v1.1. Vulnerability: SQL injection via the aptnumber parameter in the /appointment-detail.php endpoint. Impact (as stated): Attacker can access sensitive database information by crafting SQL statements; high confidentiality, integrity, and availa...

9.8CVSS5.9AI score0.0026EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/08 12:0 a.m.32 views

CVE-2026-37431

Beauty Parlour Management System v1.1 was discovered to contain a SQL injection vulnerability via the aptnumber parameter in the /appointment-detail.php endpoint. This vulnerability allows attackers to access sensitive database information via a crafted SQL statement...

0.0026EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/08 12:0 a.m.12 views

Beauty Parlour Management System SQL注入漏洞

Beauty Parlour Management System is a beauty salon management system developed by Darkseid’s developers. Version 1.1 of Beauty Parlour Management System has a SQL injection vulnerability. This vulnerability stems from the aptnumber parameter in the /appointment-detail.php endpoint, which may allo...

9.8CVSS5.8AI score0.0026EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/27 2:24 p.m.7 views

CVE-2021-27544

Cross Site Scripting XSS in the "add-services.php" component of PHPGurukul Beauty Parlour Management System v1.0 allows remote attackers to execute arbitrary code by injecting arbitrary HTML into the "sername" parameter...

4.8CVSS6.7AI score0.01089EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/02/08 7:22 p.m.7 views

CVE-2026-2088

A vulnerability has been found in PHPGurukul Beauty Parlour Management System 1.1. This affects an unknown part of the file /admin/accepted-appointment.php. Such manipulation of the argument delid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the...

9.8CVSS7.2AI score0.00381EPSS
Exploits1References1
EUVD
EUVD
added 2026/02/07 2:32 p.m.9 views

EUVD-2026-5725

A vulnerability has been found in PHPGurukul Beauty Parlour Management System 1.1. This affects an unknown part of the file /admin/accepted-appointment.php. Such manipulation of the argument delid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the...

7.5CVSS5.5AI score0.00381EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/02/07 2:32 p.m.33 views

CVE-2026-2088 PHPGurukul Beauty Parlour Management System accepted-appointment.php sql injection

A vulnerability has been found in PHPGurukul Beauty Parlour Management System 1.1. This affects an unknown part of the file /admin/accepted-appointment.php. Such manipulation of the argument delid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the...

7.5CVSS0.00381EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/02/07 2:32 p.m.3 views

CVE-2026-2088 PHPGurukul Beauty Parlour Management System accepted-appointment.php sql injection

A vulnerability has been found in PHPGurukul Beauty Parlour Management System 1.1. This affects an unknown part of the file /admin/accepted-appointment.php. Such manipulation of the argument delid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the...

7.5CVSS5.6AI score0.00381EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2026/01/09 11:29 a.m.6 views

CVE-2021-27545

SQL Injection in the "add-services.php" component of PHPGurukul Beauty Parlour Management System v1.0 allows remote attackers to obtain sensitive database information by injecting SQL commands into the "sername" parameter...

6.5CVSS7.9AI score0.01964EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/10/10 1:31 a.m.11 views

CVE-2025-11503

A vulnerability was determined in PHPGurukul Beauty Parlour Management System 1.1. This issue affects some unknown processing of the file /admin/manage-services.php. Executing a manipulation of the argument delid can lead to sql injection. The attack may be performed from remote. The exploit has...

9.8CVSS7.1AI score0.00441EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/10/10 1:31 a.m.4 views

CVE-2025-11507

A weakness has been identified in PHPGurukul Beauty Parlour Management System 1.1. The impacted element is an unknown function of the file /admin/search-invoices.php. This manipulation of the argument searchdata causes sql injection. The attack can be initiated remotely. The exploit has been made...

9.8CVSS7.2AI score0.00384EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/10/10 1:31 a.m.5 views

CVE-2025-11506

A security flaw has been discovered in PHPGurukul Beauty Parlour Management System 1.1. The affected element is an unknown function of the file /admin/search-appointment.php. The manipulation of the argument searchdata results in sql injection. It is possible to launch the attack remotely. The...

9.8CVSS7.2AI score0.00384EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/10/10 1:31 a.m.5 views

CVE-2025-11505

A vulnerability was identified in PHPGurukul Beauty Parlour Management System 1.1. Impacted is an unknown function of the file /admin/new-appointment.php. The manipulation of the argument delid leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicly availab...

9.8CVSS7.2AI score0.00441EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/10/08 11:15 p.m.14 views

CVE-2025-11415

A vulnerability was identified in PHPGurukul Beauty Parlour Management System 1.1. Affected by this issue is some unknown functionality of the file /admin/customer-list.php. Such manipulation of the argument delid leads to sql injection. It is possible to launch the attack remotely. The exploit i...

9.8CVSS7.4AI score0.00384EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/10/08 11:15 p.m.11 views

CVE-2025-11416

A security flaw has been discovered in PHPGurukul Beauty Parlour Management System 1.1. This affects an unknown part of the file /admin/invoices.php. Performing a manipulation of the argument delid results in sql injection. The attack can be initiated remotely. The exploit has been released to th...

9.8CVSS7.2AI score0.00384EPSS
Exploits1References1
OSV
OSV
added 2025/10/08 10:15 p.m.4 views

CVE-2025-11507

A weakness has been identified in PHPGurukul Beauty Parlour Management System 1.1. The impacted element is an unknown function of the file /admin/search-invoices.php. This manipulation of the argument searchdata causes sql injection. The attack can be initiated remotely. The exploit has been made...

9.8CVSS5.8AI score
Exploits0References5
NVD
NVD
added 2025/10/08 10:15 p.m.4 views

CVE-2025-11505

A vulnerability was identified in PHPGurukul Beauty Parlour Management System 1.1. Impacted is an unknown function of the file /admin/new-appointment.php. The manipulation of the argument delid leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicly availab...

9.8CVSS0.00441EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/10/08 10:2 p.m.8 views

CVE-2025-11507 PHPGurukul Beauty Parlour Management System search-invoices.php sql injection

A weakness has been identified in PHPGurukul Beauty Parlour Management System 1.1. The impacted element is an unknown function of the file /admin/search-invoices.php. This manipulation of the argument searchdata causes sql injection. The attack can be initiated remotely. The exploit has been made...

7.5CVSS0.00384EPSS
Exploits1References5
Rows per page
Query Builder