Beauty Parlour Management System Security Vulnerabilities and Issues — Beauty Parlour Management System CVE List

Lucene search

PhpgurukulBeauty Parlour Management System

10 matches found

CVE•added 2024/12/10 8:15 p.m.•55 views

CVE-2024-53481

A Cross Site Scripting (XSS) vulnerability in the profile.php of PHPGurukul Beauty Parlour Management System v1.1 allows remote attackers to execute arbitrary code by injecting arbitrary HTML into the "Firstname" and "Last name" parameters.

6.1CVSS6.5AI score0.00033EPSS

CVE•added 2024/12/10 8:15 p.m.•44 views

CVE-2024-53480

Phpgurukul's Beauty Parlour Management System v1.1 is vulnerable to SQL Injection in login.php via the emailcont parameter.

9.8CVSS8.1AI score0.00101EPSS

CVE•added 2024/06/17 9:15 p.m.•42 views

CVE-2024-37798

Cross-site scripting (XSS) vulnerability in search-appointment.php in the Admin Panel in Phpgurukul Beauty Parlour Management System 1.0 allows remote attackers to inject arbitrary web script or HTML via the search input field.

5.9CVSS5.8AI score0.00154EPSS

CVE•added 2024/10/31 7:15 p.m.•42 views

CVE-2024-51065

Phpgurukul Beauty Parlour Management System v1.1 is vulnerable to SQL Injection in admin/index.php via the the username parameter.

9.8CVSS8.3AI score0.00117EPSS

CVE•added 2024/10/31 7:15 p.m.•35 views

CVE-2024-51066

An Insecure Direct Object Reference (IDOR) vulnerability in appointment-detail.php in Phpgurukul's Beauty Parlour Management System v1.1 allows unauthorized access to the Personally Identifiable Information (PII) of other customers.

7.5CVSS7AI score0.00052EPSS

CVE•added 2021/04/15 12:15 p.m.•27 views

CVE-2021-27545

SQL Injection in the "add-services.php" component of PHPGurukul Beauty Parlour Management System v1.0 allows remote attackers to obtain sensitive database information by injecting SQL commands into the "sername" parameter.

6.5CVSS6.8AI score0.00853EPSS

CVE•added 2021/04/15 12:15 p.m.•24 views

CVE-2021-27544

Cross Site Scripting (XSS) in the "add-services.php" component of PHPGurukul Beauty Parlour Management System v1.0 allows remote attackers to execute arbitrary code by injecting arbitrary HTML into the "sername" parameter.

4.8CVSS5.3AI score0.00255EPSS

CVE•added 2025/05/18 6:15 a.m.•22 views

CVE-2025-4861

A vulnerability classified as critical was found in PHPGurukul Beauty Parlour Management System 1.1. Affected by this vulnerability is an unknown functionality of the file /admin/admin-profile.php. The manipulation of the argument contactnumber leads to sql injection. The attack can be launched rem...

9.8CVSS7.7AI score0.0005EPSS

CVE•added 2025/05/16 8:15 a.m.•17 views

CVE-2025-4757

A vulnerability was found in PHPGurukul Beauty Parlour Management System 1.1. It has been rated as critical. This issue affects some unknown processing of the file /forgot-password.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit ...

9.8CVSS7.5AI score0.00037EPSS

CVE•added 2025/05/16 8:15 a.m.•16 views

CVE-2025-4758

A vulnerability classified as critical has been found in PHPGurukul Beauty Parlour Management System 1.1. Affected is an unknown function of the file /contact.php. The manipulation of the argument fname leads to sql injection. It is possible to launch the attack remotely. The exploit has been discl...

9.8CVSS7.6AI score0.00037EPSS