Lucene search
+L

39 matches found

OSV
OSV
added 2025/06/29 10:15 p.m.7 views

CVE-2025-6874

A vulnerability, which was classified as critical, was found in SourceCodester Best Salon Management System 1.0. Affected is an unknown function of the file /panel/addsubscribe.php. The manipulation of the argument userid/planid leads to sql injection. It is possible to launch the attack remotely...

8.8CVSS5.7AI score0.00361EPSS
Exploits1References5
NVD
NVD
added 2025/06/29 10:15 p.m.9 views

CVE-2025-6874

A vulnerability, which was classified as critical, was found in SourceCodester Best Salon Management System 1.0. Affected is an unknown function of the file /panel/addsubscribe.php. The manipulation of the argument userid/planid leads to sql injection. It is possible to launch the attack remotely...

8.8CVSS0.00361EPSS
Exploits1References5
NVD
NVD
added 2025/06/29 3:15 p.m.14 views

CVE-2025-6862

A vulnerability classified as critical has been found in SourceCodester Best Salon Management System 1.0. Affected is an unknown function of the file /panel/editplan.php. The manipulation of the argument editid leads to sql injection. It is possible to launch the attack remotely. The exploit has...

8.8CVSS0.00361EPSS
Exploits1References5
CVE
CVE
added 2025/06/29 2:31 p.m.39 views

CVE-2025-6862

CVE-2025-6862 affects SourceCodester Best Salon Management System 1.0. The vulnerability is an SQL injection in the file /panel/edit_plan.php via the editid parameter, exploitable remotely. Public exploit appears to be disclosed. Multiple sources concur on a critical impact with potential for con...

8.8CVSS6.8AI score0.00361EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2025/06/29 2:15 p.m.11 views

CVE-2025-6861

A vulnerability was found in SourceCodester Best Salon Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /panel/addplan.php. The manipulation of the argument planname/description/durationdays/price leads to sql injection. The attack may b...

8.8CVSS0.00361EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/06/29 2:0 p.m.6 views

CVE-2025-6861 SourceCodester Best Salon Management System add_plan.php sql injection

A vulnerability was found in SourceCodester Best Salon Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /panel/addplan.php. The manipulation of the argument planname/description/durationdays/price leads to sql injection. The attack may b...

6.5CVSS7.6AI score0.00361EPSS
Exploits1References5
CVE
CVE
added 2025/06/29 2:0 p.m.23 views

CVE-2025-6861

CVE-2025-6861 affects SourceCodester Best Salon Management System 1.0. The weakness is in /panel/add_plan.php where manipulating the plan_name/description/duration_days/price parameters enables SQL injection. Exploitation can be remote, and public disclosure indicates active risk. Reported scores...

8.8CVSS6.8AI score0.00361EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2025/06/29 1:15 p.m.12 views

CVE-2025-6860

A vulnerability was found in SourceCodester Best Salon Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /panel/staffcommision.php. The manipulation of the argument fromdate/todate leads to sql injection. The attack can be initiated...

8.8CVSS0.00361EPSS
Exploits2References5
RedhatCVE
RedhatCVE
added 2025/06/27 3:17 p.m.6 views

CVE-2025-6609

A vulnerability was found in SourceCodester Best Salon Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /panel/bwdates-reports-details.php. The manipulation of the argument fromdate/todate leads to sql injection. The attack may be...

8.8CVSS7.7AI score0.0037EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/06/27 2:25 p.m.7 views

CVE-2025-6606

A vulnerability, which was classified as critical, has been found in SourceCodester Best Salon Management System 1.0. This issue affects some unknown processing of the file /panel/add-services.php. The manipulation of the argument Type leads to sql injection. The attack may be initiated remotely...

8.8CVSS7.7AI score0.0037EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/06/27 12:16 a.m.11 views

CVE-2025-6582

A vulnerability, which was classified as critical, has been found in SourceCodester Best Salon Management System 1.0. Affected by this issue is some unknown functionality of the file /edit-customer-detailed.php. The manipulation of the argument editid leads to sql injection. The attack may be...

8.8CVSS6.7AI score0.00369EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/06/25 2:31 p.m.20 views

CVE-2025-6608 SourceCodester Best Salon Management System edit-services.php sql injection

A vulnerability has been found in SourceCodester Best Salon Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /panel/edit-services.php. The manipulation of the argument editid leads to sql injection. The attack can be launched...

6.5CVSS0.0037EPSS
Exploits1References5
CVE
CVE
added 2025/06/25 2:31 p.m.26 views

CVE-2025-6608

The CVE-2025-6608 entry affects SourceCodester Best Salon Management System 1.0. The vulnerability is in an unknown functionality of the file /panel/edit-services.php where manipulating the editid argument causes an SQL injection. Exploitation can be remote, and publicly disclosed exploits exist....

8.8CVSS7.6AI score0.0037EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2025/06/25 2:15 p.m.12 views

CVE-2025-6607

A vulnerability, which was classified as critical, was found in SourceCodester Best Salon Management System 1.0. Affected is an unknown function of the file /panel/stock.php. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has...

8.8CVSS0.0037EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/06/25 1:31 p.m.15 views

CVE-2025-6605 SourceCodester Best Salon Management System edit-staff.php sql injection

A vulnerability classified as critical was found in SourceCodester Best Salon Management System 1.0. This vulnerability affects unknown code of the file /panel/edit-staff.php. The manipulation of the argument editid leads to sql injection. The attack can be initiated remotely. The exploit has bee...

6.5CVSS0.0037EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/06/25 1:0 p.m.18 views

CVE-2025-6604 SourceCodester Best Salon Management System add-staff.php sql injection

A vulnerability classified as critical has been found in SourceCodester Best Salon Management System 1.0. This affects an unknown part of the file /panel/add-staff.php. The manipulation of the argument Name leads to sql injection. It is possible to initiate the attack remotely. The exploit has be...

6.5CVSS0.0037EPSS
Exploits1References5
NVD
NVD
added 2025/06/25 12:15 a.m.7 views

CVE-2025-6583

A vulnerability, which was classified as critical, was found in SourceCodester Best Salon Management System 1.0. This affects an unknown part of the file /view-appointment.php. The manipulation of the argument viewid leads to sql injection. It is possible to initiate the attack remotely. The...

8.8CVSS0.00369EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2025/06/25 12:0 a.m.4 views

PT-2025-26834 · Sourcecodester · Sourcecodester Best Pos Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Best Salon Management System version 1.0 Description: A critical issue has been found in the software, affecting an unknown functionality of the file /panel/edit-services.php. The manipulation of the editid argument leads to SQ...

8.8CVSS6.8AI score0.0037EPSS
Exploits1References9
Cvelist
Cvelist
added 2025/06/24 10:31 p.m.14 views

CVE-2025-6581 SourceCodester Best Salon Management System add-customer.php sql injection

A vulnerability classified as critical was found in SourceCodester Best Salon Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /add-customer.php. The manipulation of the argument name/email/mobilenum/gender/details/dob/marriagedate leads to sql...

6.5CVSS0.0037EPSS
Exploits1References5
Rows per page
Query Builder