Lucene search
K
Oretnom23Simple Online Men's Salon Management System

8 matches found

CVE
CVE
added 2024/05/17 9:0 p.m.64 views

CVE-2024-5069

The CVE-2024-5069 vulnerability affects SourceCodester Simple Online Mens Salon Management System 1.0, specifically the view_service.php file. Affected functionality allows manipulation of the id argument, leading to SQL injection . The issue can be exploited remotely, and the vulnerability has b...

9.8CVSS7.3AI score0.00579EPSS
CVE
CVE
added 2023/07/28 5:31 a.m.52 views

CVE-2023-3987

CVE-2023-3987 affects SourceCodester Simple Online Mens Salon Management System 1.0. The vulnerability is a SQL injection in the file path /admin/?page=user/manage_user&id=3 (parameter id) that can be manipulated remotely. Multiple sources confirm an exploitation vector and public disclosure of t...

9.8CVSS8.3AI score0.00684EPSS
Web
CVE
CVE
added 2021/12/23 1:21 p.m.51 views

CVE-2021-44600

The CVE-2021-44600 entry concerns Simple Online Mens Salon Management System (MSMS) 1.0, where the password parameter is vulnerable to SQL injection. Connected sources (PT-2021-24139) provide concrete details: the vulnerability resides in the password parameter and can allow an attacker to retrie...

7.5CVSS7.9AI score0.01255EPSS
CVE
CVE
added 2023/07/28 5:0 a.m.50 views

CVE-2023-3986

SourceCodester Simple Online Mens Salon Management System v1.0 exposes a cross-site scripting vulnerability in the /admin/?page=user/list endpoint. The issue arises from unsafely handling the First Name/Last Name/Username fields, allowing an attacker to inject script. The vulnerability is potenti...

4.8CVSS4.3AI score0.00551EPSS
Web
CVE
CVE
added 2026/03/03 12:0 a.m.15 views

CVE-2026-26884

The CVE describes a SQL Injection vulnerability in Sourcecodester Online Men’s Salon Management System v1.0, specifically affecting the PHP endpoint /msms/admin/appointments/view_appointment.php. The affected component is the appointments view logic, with the root cause identified as an injection...

2.7CVSS6AI score0.0022EPSS
CVE
CVE
added 2026/03/03 12:0 a.m.15 views

CVE-2026-26885

CVE-2026-26885 affects the Sourcecodester Online Men's Salon Management System v1.0. The vulnerability is an SQL Injection in the endpoint /classes/Master.php?f=delete_service, caused by unsafe SQL handling in the related function. The impact is described as low with no user interaction required,...

2.7CVSS6AI score0.0022EPSS
Web
CVE
CVE
added 2026/03/03 12:0 a.m.12 views

CVE-2026-26883

CVE-2026-26883 affects Sourcecodester Online Men’s Salon Management System v1.0. Affected component: SQL injection vulnerability in /msms/classes/Master.php?f=delete_appointment due to unsanitized input. Reported across multiple sources (NVD, Red Hat, CVE List, etc.). CVSS v3.1 vector: AV:N/AC:L/...

2.7CVSS6AI score0.0022EPSS
Web
CVE
CVE
added 2026/03/03 12:0 a.m.12 views

CVE-2026-26886

CVE-2026-26886 affects Sourcecodester Online Men’s Salon Management System v1.0. The vulnerability is a SQL Injection in the admin path /admin/services/manage_service.php, caused by unsanitized input that allows injection into SQL queries. Multiple sources (Red Hat, NVD, CVE list, Attackerkb, CVE...

2.7CVSS6AI score0.0022EPSS