17 matches found
CVE-2025-3827
CVE-2025-3827 affects PHPGurukul Men Salon Management System 1.0. Multiple connected sources confirm an SQL injection in the /admin/forgot-password.php endpoint, triggered by manipulating the email parameter. The vulnerability is remotely exploitable and has been widely disclosed. The root cause ...
CVE-2025-3316
The CVE-2025-3316 entry concerns PHPGurukul Men Salon Management System 1.0. The vulnerability is an SQL injection in the /admin/search-invoices.php endpoint caused by improper handling of the searchdata parameter. It can be exploited remotely, and public exploit content exists. Affected software...
CVE-2025-3312
CVE-2025-3312 affects PHPGurukul Men Salon Management System 1.0. The vulnerability is an SQL injection in the processing of /admin/add-customer-services.php caused by improper handling of the sids[] parameter. It is remote, with potential high impact on confidentiality, integrity, and availabili...
CVE-2025-3829
PHPGurukul Men Salon Management System 1.0 is affected by a SQL injection in /admin/sales-reports-detail.php caused by manipulation of the fromdate/todate parameters. The issue can be exploited remotely and has been publicly disclosed. Public details consistently identify this as a critical issue...
CVE-2025-3828
CVE-2025-3828 affects PHPGurukul Men Salon Management System 1.0. The vulnerability is a SQL injection in the endpoint /admin/view-appointment.php?viewid=11 where manipulating the parameter e.g. remark can trigger exploitation. Attacker can initiate the attack remotely; multiple parameters may be...
CVE-2025-3353
Summary: CVE-2025-3353 affects PHPGurukul Men Salon Management System 1.0, with a SQL injection flaw in an unknown portion of /admin/add-services.php caused by improper handling of the cost parameter. The vulnerability can be triggered remotely and has public disclosure. Multiple connected feeds ...
CVE-2025-3819
CVE-2025-3819 affects PHPGurukul Men Salon Management System 1.0. The vulnerability is a SQL injection in the /admin/search-appointment.php file caused by unsafely handling the searchdata parameter, enabling remote exploitation. Multiple sources describe it as a critical/high-impact issue with po...
CVE-2025-3370
Summary: CVE-2025-3370 affects PHPGurukul Men Salon Management System 1.0, with a SQL injection in the /admin/admin-profile.php endpoint triggered by manipulating the contactnumber parameter. The vulnerability can be exploited remotely and the exploit has been disclosed publicly. Other parameters...
CVE-2025-3796
The CVE-2025-3796 entry concerns PHPGurukul Men Salon Management System 1.0. a vulnerability in the /admin/contact-us.php file where manipulating parameters pagetitle, pagedes, email, mobnumber, and timing leads to SQL injection. The exploit is remotely triggerable and has been disclosed publicly...
CVE-2025-3311
CVE-2025-3311 affects PHPGurukul Men Salon Management System 1.0. The vulnerability resides in /admin/about-us.php where manipulating the pagetitle parameter leads to SQL injection. The attack can be initiated remotely and the exploit has been disclosed publicly. The provided documents do not inc...
CVE-2025-3313
CVE-2025-3313 affects PHPGurukul Men Salon Management System 1.0. The vulnerability is in an unknown function of the file /admin/add-customer.php, where manipulation of the Name parameter leads to SQL injection. It is described as exploitable remotely, with the exploit disclosed publicly. The con...
CVE-2025-4297
PHPGurukul Men Salon Management System 2.0 is affected. The vulnerability resides in /admin/change-password.php and is described as a SQL injection due to improper input handling, with remote exploit possible and multiple parameters affected. The CVE is cited as critical across sources; however, ...
CVE-2025-3689
CVE-2025-3689 affects PHPGurukul Men Salon Management System 1.0. The flaw is an SQL injection in /admin/edit-customer-detailed.php caused by insufficient validation of the editid parameter. It enables remote exploitation, and public disclosure is noted in multiple sources. Remediation recommenda...
CVE-2025-3690
Affected product: PHPGurukul Men Salon Management System 1.0. The vulnerability is an SQL injection in the /admin/edit-services.php file caused by improper handling of the cost parameter. This could be exploited remotely and the exploit has been disclosed publicly. The issue is reflected in multi...
CVE-2025-3299
CVE-2025-3299 affects PHPGurukul Men Salon Management System 1.0. The vulnerability exists in the file /appointment.php where manipulation of the Name argument leads to SQL injection, exploitable remotely over the network. Connected sources consistently identify this exact issue and indicate an S...
CVE-2024-30998
CVE-2024-30998 affects PHPGurukul Men Salon Management System v2.0. A SQL injection via the email parameter in index.php is documented, enabling remote data access and potentially arbitrary code execution. Root cause: inadequate input validation and unsafe query construction. Public sources consi...
CVE-2024-35511
The CVE affects phpgurukul Men Salon Management System v2.0. The vulnerable component is the /msms/admin/index.php endpoint, where the username parameter is susceptible to SQL Injection due to insufficient input handling. This can enable an attacker to manipulate queries and potentially gain unau...