VYPR

Beauty Parlour Management System

by Phpgurukul

CVEs (45)

  • CVE-2024-51066Oct 31, 2024
    risk 0.00cvss epss 0.00

    An Insecure Direct Object Reference (IDOR) vulnerability in appointment-detail.php in Phpgurukul's Beauty Parlour Management System v1.1 allows unauthorized access to the Personally Identifiable Information (PII) of other customers.

  • CVE-2024-51065Oct 31, 2024
    risk 0.00cvss epss 0.01

    Phpgurukul Beauty Parlour Management System v1.1 is vulnerable to SQL Injection in admin/index.php via the the username parameter.

  • CVE-2024-37798Jun 17, 2024
    risk 0.00cvss epss 0.00

    Cross-site scripting (XSS) vulnerability in search-appointment.php in the Admin Panel in Phpgurukul Beauty Parlour Management System 1.0 allows remote attackers to inject arbitrary web script or HTML via the search input field.

  • CVE-2021-27545Apr 15, 2021
    risk 0.00cvss epss 0.02

    SQL Injection in the "add-services.php" component of PHPGurukul Beauty Parlour Management System v1.0 allows remote attackers to obtain sensitive database information by injecting SQL commands into the "sername" parameter.

  • CVE-2021-27544Apr 15, 2021
    risk 0.00cvss epss 0.01

    Cross Site Scripting (XSS) in the "add-services.php" component of PHPGurukul Beauty Parlour Management System v1.0 allows remote attackers to execute arbitrary code by injecting arbitrary HTML into the "sername" parameter.

Page 3 of 3