PT-2025-28224 · Sourcecodester · Sourcecodester Best Pos Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Best Salon Management System version 1.0 Description: A critical issue has been found, affecting an unknown part of the file /panel/schedule-staff.php. The manipulation of the staff id argument leads to SQL injection. It is...

PT-2025-28242 · Sourcecodester · Sourcecodester Best Pos Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Best Salon Management System version 1.0 Description: A problematic issue exists due to cross site scripting. The manipulation of the Name argument in the processing of the file /panel/edit-customer-detailed.php within the Upda...

PT-2025-28266 · Sourcecodester · Sourcecodester Best Pos Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Best Salon Management System version 1.0 Description: A vulnerability has been found in the Admin Profile Page component, specifically affecting the file /panel/admin-profile.php. The manipulation of the Admin Name argument lea...

SourceCodester Best Salon Management System 代码注入漏洞

SourceCodester Best Salon Management System is a SourceCodester open source salon management system. A code injection vulnerability exists in SourceCodester Best Salon Management System version 1.0, which originates from an incorrect operation of the file /panel/editplan.php and could lead to a...

PT-2025-28252 · Sourcecodester · Sourcecodester Best Pos Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Best Salon Management System version 1.0 Description: A problematic issue was found in the Update Staff Page component, specifically in the /panel/edit plan.php file, allowing for cross-site scripting. This can be exploited...

PT-2025-28248 · Sourcecodester · Sourcecodester Best Pos Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Best Salon Management System version 1.0 Description: A problematic issue has been discovered, affecting an unknown function of the file /panel/edit-staff.php of the component Update Staff Page. The manipulation of the Staff Na...

CVE-2025-6879

A vulnerability was found in SourceCodester Best Salon Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /panel/add-tax.php. The manipulation of the argument Name leads to sql injection. The attack may be initiated remotely. The exploit h...

CVE-2025-6880

A vulnerability classified as critical has been found in SourceCodester Best Salon Management System 1.0. Affected is an unknown function of the file /panel/edit-tax.php. The manipulation of the argument editid leads to sql injection. It is possible to launch the attack remotely. The exploit has...

CVE-2025-6877

A vulnerability was found in SourceCodester Best Salon Management System 1.0. It has been classified as critical. This affects an unknown part of the file /panel/edit-category.php. The manipulation of the argument editid leads to sql injection. It is possible to initiate the attack remotely. The...

CVE-2025-6878

A vulnerability was found in SourceCodester Best Salon Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /panel/search-appointment.php. The manipulation of the argument searchdata leads to sql injection. The attack can be initiated...

CVE-2025-6876

A vulnerability was found in SourceCodester Best Salon Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /panel/add-category.php. The manipulation of the argument Name leads to sql injection. The attack may be launched remotely. The...

CVE-2025-6875

A vulnerability has been found in SourceCodester Best Salon Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /panel/edit-subscription.php. The manipulation of the argument editid leads to sql injection. The attack can be...

CVE-2025-6873

A vulnerability, which was classified as critical, has been found in SourceCodester Simple Company Website 1.0. This issue affects some unknown processing of the file /classes/Users.php?f=save. The manipulation of the argument img leads to unrestricted upload. The attack may be initiated remotely...

CVE-2025-6874

A vulnerability, which was classified as critical, was found in SourceCodester Best Salon Management System 1.0. Affected is an unknown function of the file /panel/addsubscribe.php. The manipulation of the argument userid/planid leads to sql injection. It is possible to launch the attack remotely...

CVE-2025-6871

A vulnerability classified as critical has been found in SourceCodester Simple Company Website 1.0. This affects an unknown part of the file /classes/Login.php. The manipulation of the argument Username leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

CVE-2025-6872

A vulnerability classified as critical was found in SourceCodester Simple Company Website 1.0. This vulnerability affects unknown code of the file /classes/SystemSettings.php?f=updatesettings. The manipulation of the argument img leads to unrestricted upload. The attack can be initiated remotely...

CVE-2025-6870

A vulnerability was found in SourceCodester Simple Company Website 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /classes/Content.php?f=service. The manipulation of the argument img leads to unrestricted upload. The attack may be launched...

CVE-2025-6869

A vulnerability was found in SourceCodester Simple Company Website 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/testimonials/manage.php. The manipulation of the argument ID leads to sql injection. The attack can be launched...

CVE-2025-6868

A vulnerability was found in SourceCodester Simple Company Website 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/clients/manage.php. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit...

CVE-2025-6867

A vulnerability was found in SourceCodester Simple Company Website 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/services/manage.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has...