VYPR

Pet Grooming Management Software

by Mayurik

CVEs (29)

  • CVE-2025-10085MedSep 8, 2025
    risk 0.41cvss 6.3epss 0.00

    A security flaw has been discovered in SourceCodester Pet Grooming Management Software 1.0. This vulnerability affects unknown code of the file manage_website.php. The manipulation results in unrestricted upload. It is possible to launch the attack remotely. The exploit has been…

  • CVE-2025-10083MedSep 8, 2025
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was determined in SourceCodester Pet Grooming Management Software 1.0. Affected by this issue is some unknown functionality of the file /admin/profile.php. Executing manipulation can lead to unrestricted upload. The attack may be performed from remote. The…

  • CVE-2025-10087MedSep 8, 2025
    risk 0.31cvss 4.7epss 0.00

    A security vulnerability has been detected in SourceCodester Pet Grooming Management Software 1.0. Impacted is an unknown function of the file /admin/profit_report.php. Such manipulation of the argument product_id leads to sql injection. The attack can be launched remotely. The…

  • CVE-2025-10081MedSep 8, 2025
    risk 0.31cvss 4.7epss 0.00

    A flaw has been found in SourceCodester Pet Management System 1.0. This impacts an unknown function of the file /admin/profile.php. This manipulation of the argument website_image causes unrestricted upload. Remote exploitation of the attack is possible. The exploit has been…

  • CVE-2025-63717Nov 7, 2025
    risk 0.00cvss epss 0.00

    The change password functionality at /pet_grooming/admin/change_pass.php in SourceCodester Pet Grooming Management Software 1.0 is vulnerable to Cross-Site Request Forgery (CSRF) attacks. The application does not implement adequate anti-CSRF tokens or same-site cookie…

  • CVE-2025-60316Oct 9, 2025
    risk 0.00cvss epss 0.00

    SourceCodester Pet Grooming Management Software 1.0 is vulnerable to SQL Injection in admin/view_customer.php via the ID parameter.

  • CVE-2025-60318Oct 8, 2025
    risk 0.00cvss epss 0.00

    SourceCodester Pet Grooming Management Software 1.0 is vulnerable to Cross Site Scripting (XSS) in /admin/profile.php via the fname (First Name) and lname (Last Name) fields.

  • CVE-2025-61087Oct 2, 2025
    risk 0.00cvss epss 0.00

    SourceCodester Pet Grooming Management Software 1.0 is vulnerable to Cross Site Scripting (XSS) via the Customer Name field under Customer Management Section.

  • CVE-2025-11051Sep 27, 2025
    risk 0.00cvss epss 0.00

    A vulnerability has been found in SourceCodester Pet Grooming Management Software 1.0. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. The attack is possible to be carried out remotely.

Page 2 of 2