Lucene search
+L
PhpgurukulMen Salon Management System

17 matches found

CVE
CVE
added 2025/04/20 3:0 p.m.91 views

CVE-2025-3827

CVE-2025-3827 affects PHPGurukul Men Salon Management System 1.0. Multiple connected sources confirm an SQL injection in the /admin/forgot-password.php endpoint, triggered by manipulating the email parameter. The vulnerability is remotely exploitable and has been widely disclosed. The root cause ...

9.8CVSS7.5AI score0.00537EPSS
Web
CVE
CVE
added 2025/04/06 11:0 a.m.81 views

CVE-2025-3316

The CVE-2025-3316 entry concerns PHPGurukul Men Salon Management System 1.0. The vulnerability is an SQL injection in the /admin/search-invoices.php endpoint caused by improper handling of the searchdata parameter. It can be exploited remotely, and public exploit content exists. Affected software...

9.8CVSS7.5AI score0.00507EPSS
Web
CVE
CVE
added 2025/04/06 7:0 a.m.80 views

CVE-2025-3312

CVE-2025-3312 affects PHPGurukul Men Salon Management System 1.0. The vulnerability is an SQL injection in the processing of /admin/add-customer-services.php caused by improper handling of the sids[] parameter. It is remote, with potential high impact on confidentiality, integrity, and availabili...

9.8CVSS7.5AI score0.00507EPSS
Web
CVE
CVE
added 2025/04/20 4:0 p.m.78 views

CVE-2025-3829

PHPGurukul Men Salon Management System 1.0 is affected by a SQL injection in /admin/sales-reports-detail.php caused by manipulation of the fromdate/todate parameters. The issue can be exploited remotely and has been publicly disclosed. Public details consistently identify this as a critical issue...

9.8CVSS7.5AI score0.00537EPSS
Web
CVE
CVE
added 2025/04/20 3:31 p.m.77 views

CVE-2025-3828

CVE-2025-3828 affects PHPGurukul Men Salon Management System 1.0. The vulnerability is a SQL injection in the endpoint /admin/view-appointment.php?viewid=11 where manipulating the parameter e.g. remark can trigger exploitation. Attacker can initiate the attack remotely; multiple parameters may be...

9.8CVSS7.5AI score0.00537EPSS
Web
CVE
CVE
added 2025/04/07 1:0 p.m.73 views

CVE-2025-3353

Summary: CVE-2025-3353 affects PHPGurukul Men Salon Management System 1.0, with a SQL injection flaw in an unknown portion of /admin/add-services.php caused by improper handling of the cost parameter. The vulnerability can be triggered remotely and has public disclosure. Multiple connected feeds ...

7.5CVSS7.4AI score0.00428EPSS
Web
CVE
CVE
added 2025/04/19 8:0 p.m.72 views

CVE-2025-3819

CVE-2025-3819 affects PHPGurukul Men Salon Management System 1.0. The vulnerability is a SQL injection in the /admin/search-appointment.php file caused by unsafely handling the searchdata parameter, enabling remote exploitation. Multiple sources describe it as a critical/high-impact issue with po...

9.8CVSS7.5AI score0.00478EPSS
Web
CVE
CVE
added 2025/04/07 2:0 p.m.71 views

CVE-2025-3370

Summary: CVE-2025-3370 affects PHPGurukul Men Salon Management System 1.0, with a SQL injection in the /admin/admin-profile.php endpoint triggered by manipulating the contactnumber parameter. The vulnerability can be exploited remotely and the exploit has been disclosed publicly. Other parameters...

9.8CVSS7.5AI score0.00514EPSS
Web
CVE
CVE
added 2025/04/18 9:0 p.m.71 views

CVE-2025-3796

The CVE-2025-3796 entry concerns PHPGurukul Men Salon Management System 1.0. a vulnerability in the /admin/contact-us.php file where manipulating parameters pagetitle, pagedes, email, mobnumber, and timing leads to SQL injection. The exploit is remotely triggerable and has been disclosed publicly...

8.8CVSS6.8AI score0.00443EPSS
Web
CVE
CVE
added 2025/04/06 6:31 a.m.66 views

CVE-2025-3311

CVE-2025-3311 affects PHPGurukul Men Salon Management System 1.0. The vulnerability resides in /admin/about-us.php where manipulating the pagetitle parameter leads to SQL injection. The attack can be initiated remotely and the exploit has been disclosed publicly. The provided documents do not inc...

9.8CVSS7.6AI score0.00507EPSS
Web
CVE
CVE
added 2025/04/06 8:0 a.m.65 views

CVE-2025-3313

CVE-2025-3313 affects PHPGurukul Men Salon Management System 1.0. The vulnerability is in an unknown function of the file /admin/add-customer.php, where manipulation of the Name parameter leads to SQL injection. It is described as exploitable remotely, with the exploit disclosed publicly. The con...

9.8CVSS7.5AI score0.00507EPSS
Web
CVE
CVE
added 2025/05/05 11:0 p.m.65 views

CVE-2025-4297

PHPGurukul Men Salon Management System 2.0 is affected. The vulnerability resides in /admin/change-password.php and is described as a SQL injection due to improper input handling, with remote exploit possible and multiple parameters affected. The CVE is cited as critical across sources; however, ...

9.8CVSS7.5AI score0.00498EPSS
CVE
CVE
added 2025/04/16 12:31 p.m.63 views

CVE-2025-3689

CVE-2025-3689 affects PHPGurukul Men Salon Management System 1.0. The flaw is an SQL injection in /admin/edit-customer-detailed.php caused by insufficient validation of the editid parameter. It enables remote exploitation, and public disclosure is noted in multiple sources. Remediation recommenda...

9.8CVSS7.5AI score0.00623EPSS
Web
CVE
CVE
added 2025/04/16 1:0 p.m.61 views

CVE-2025-3690

Affected product: PHPGurukul Men Salon Management System 1.0. The vulnerability is an SQL injection in the /admin/edit-services.php file caused by improper handling of the cost parameter. This could be exploited remotely and the exploit has been disclosed publicly. The issue is reflected in multi...

9.8CVSS7.5AI score0.0067EPSS
Web
CVE
CVE
added 2025/04/05 11:0 a.m.60 views

CVE-2025-3299

CVE-2025-3299 affects PHPGurukul Men Salon Management System 1.0. The vulnerability exists in the file /appointment.php where manipulation of the Name argument leads to SQL injection, exploitable remotely over the network. Connected sources consistently identify this exact issue and indicate an S...

7.5CVSS7.5AI score0.00428EPSS
CVE
CVE
added 2024/04/03 12:0 a.m.59 views

CVE-2024-30998

CVE-2024-30998 affects PHPGurukul Men Salon Management System v2.0. A SQL injection via the email parameter in index.php is documented, enabling remote data access and potentially arbitrary code execution. Root cause: inadequate input validation and unsafe query construction. Public sources consi...

9.8CVSS8.5AI score0.01217EPSS
CVE
CVE
added 2024/05/28 8:35 p.m.56 views

CVE-2024-35511

The CVE affects phpgurukul Men Salon Management System v2.0. The vulnerable component is the /msms/admin/index.php endpoint, where the username parameter is susceptible to SQL Injection due to insufficient input handling. This can enable an attacker to manipulate queries and potentially gain unau...

4.7CVSS8.4AI score0.00389EPSS
Web