Pet Grooming Management Software
by Mayurik
CVEs (29)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-10085 | Med | 0.41 | 6.3 | 0.00 | Sep 8, 2025 | A security flaw has been discovered in SourceCodester Pet Grooming Management Software 1.0. This vulnerability affects unknown code of the file manage_website.php. The manipulation results in unrestricted upload. It is possible to launch the attack remotely. The exploit has been… | ||
| CVE-2025-10083 | Med | 0.41 | 6.3 | 0.00 | Sep 8, 2025 | A vulnerability was determined in SourceCodester Pet Grooming Management Software 1.0. Affected by this issue is some unknown functionality of the file /admin/profile.php. Executing manipulation can lead to unrestricted upload. The attack may be performed from remote. The… | ||
| CVE-2025-10087 | Med | 0.31 | 4.7 | 0.00 | Sep 8, 2025 | A security vulnerability has been detected in SourceCodester Pet Grooming Management Software 1.0. Impacted is an unknown function of the file /admin/profit_report.php. Such manipulation of the argument product_id leads to sql injection. The attack can be launched remotely. The… | ||
| CVE-2025-10081 | Med | 0.31 | 4.7 | 0.00 | Sep 8, 2025 | A flaw has been found in SourceCodester Pet Management System 1.0. This impacts an unknown function of the file /admin/profile.php. This manipulation of the argument website_image causes unrestricted upload. Remote exploitation of the attack is possible. The exploit has been… | ||
| CVE-2025-63717 | 0.00 | — | 0.00 | Nov 7, 2025 | The change password functionality at /pet_grooming/admin/change_pass.php in SourceCodester Pet Grooming Management Software 1.0 is vulnerable to Cross-Site Request Forgery (CSRF) attacks. The application does not implement adequate anti-CSRF tokens or same-site cookie… | |||
| CVE-2025-60316 | 0.00 | — | 0.00 | Oct 9, 2025 | SourceCodester Pet Grooming Management Software 1.0 is vulnerable to SQL Injection in admin/view_customer.php via the ID parameter. | |||
| CVE-2025-60318 | 0.00 | — | 0.00 | Oct 8, 2025 | SourceCodester Pet Grooming Management Software 1.0 is vulnerable to Cross Site Scripting (XSS) in /admin/profile.php via the fname (First Name) and lname (Last Name) fields. | |||
| CVE-2025-61087 | 0.00 | — | 0.00 | Oct 2, 2025 | SourceCodester Pet Grooming Management Software 1.0 is vulnerable to Cross Site Scripting (XSS) via the Customer Name field under Customer Management Section. | |||
| CVE-2025-11051 | 0.00 | — | 0.00 | Sep 27, 2025 | A vulnerability has been found in SourceCodester Pet Grooming Management Software 1.0. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. The attack is possible to be carried out remotely. |
- risk 0.41cvss 6.3epss 0.00
A security flaw has been discovered in SourceCodester Pet Grooming Management Software 1.0. This vulnerability affects unknown code of the file manage_website.php. The manipulation results in unrestricted upload. It is possible to launch the attack remotely. The exploit has been…
- risk 0.41cvss 6.3epss 0.00
A vulnerability was determined in SourceCodester Pet Grooming Management Software 1.0. Affected by this issue is some unknown functionality of the file /admin/profile.php. Executing manipulation can lead to unrestricted upload. The attack may be performed from remote. The…
- risk 0.31cvss 4.7epss 0.00
A security vulnerability has been detected in SourceCodester Pet Grooming Management Software 1.0. Impacted is an unknown function of the file /admin/profit_report.php. Such manipulation of the argument product_id leads to sql injection. The attack can be launched remotely. The…
- risk 0.31cvss 4.7epss 0.00
A flaw has been found in SourceCodester Pet Management System 1.0. This impacts an unknown function of the file /admin/profile.php. This manipulation of the argument website_image causes unrestricted upload. Remote exploitation of the attack is possible. The exploit has been…
- CVE-2025-63717Nov 7, 2025risk 0.00cvss —epss 0.00
The change password functionality at /pet_grooming/admin/change_pass.php in SourceCodester Pet Grooming Management Software 1.0 is vulnerable to Cross-Site Request Forgery (CSRF) attacks. The application does not implement adequate anti-CSRF tokens or same-site cookie…
- CVE-2025-60316Oct 9, 2025risk 0.00cvss —epss 0.00
SourceCodester Pet Grooming Management Software 1.0 is vulnerable to SQL Injection in admin/view_customer.php via the ID parameter.
- CVE-2025-60318Oct 8, 2025risk 0.00cvss —epss 0.00
SourceCodester Pet Grooming Management Software 1.0 is vulnerable to Cross Site Scripting (XSS) in /admin/profile.php via the fname (First Name) and lname (Last Name) fields.
- CVE-2025-61087Oct 2, 2025risk 0.00cvss —epss 0.00
SourceCodester Pet Grooming Management Software 1.0 is vulnerable to Cross Site Scripting (XSS) via the Customer Name field under Customer Management Section.
- CVE-2025-11051Sep 27, 2025risk 0.00cvss —epss 0.00
A vulnerability has been found in SourceCodester Pet Grooming Management Software 1.0. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. The attack is possible to be carried out remotely.
Page 2 of 2