Beauty Parlour Management System@1.1 Security Vulnerabilities and Issues — Beauty Parlour Management System@1.1 CVE List

Lucene search

PhpgurukulBeauty Parlour Management System1.1

4 matches found

CVE•added 2024/12/10 8:15 p.m.•55 views

CVE-2024-53481

A Cross Site Scripting (XSS) vulnerability in the profile.php of PHPGurukul Beauty Parlour Management System v1.1 allows remote attackers to execute arbitrary code by injecting arbitrary HTML into the "Firstname" and "Last name" parameters.

6.1CVSS6.5AI score0.00033EPSS

CVE•added 2024/12/10 8:15 p.m.•44 views

CVE-2024-53480

Phpgurukul's Beauty Parlour Management System v1.1 is vulnerable to SQL Injection in login.php via the emailcont parameter.

9.8CVSS8.1AI score0.00101EPSS

CVE•added 2024/10/31 7:15 p.m.•42 views

CVE-2024-51065

Phpgurukul Beauty Parlour Management System v1.1 is vulnerable to SQL Injection in admin/index.php via the the username parameter.

9.8CVSS8.3AI score0.00117EPSS

CVE•added 2024/10/31 7:15 p.m.•35 views

CVE-2024-51066

An Insecure Direct Object Reference (IDOR) vulnerability in appointment-detail.php in Phpgurukul's Beauty Parlour Management System v1.1 allows unauthorized access to the Personally Identifiable Information (PII) of other customers.

7.5CVSS7AI score0.00052EPSS