VYPR

Petrol Pump Management Software

by Sourcecodester

CVEs (17)

  • CVE-2025-60316CriOct 9, 2025
    risk 0.61cvss 9.4epss 0.00

    SourceCodester Pet Grooming Management Software 1.0 is vulnerable to SQL Injection in admin/view_customer.php via the ID parameter.

  • CVE-2024-28558HigApr 15, 2024
    risk 0.57cvss 8.8epss 0.01

    SQL Injection vulnerability in sourcecodester Petrol pump management software v1.0, allows remote attackers to execute arbitrary code, escalate privileges, and obtain sensitive information via crafted payload to admin/app/web_crud.php.

  • CVE-2025-63717MedNov 7, 2025
    risk 0.42cvss 6.5epss 0.00

    The change password functionality at /pet_grooming/admin/change_pass.php in SourceCodester Pet Grooming Management Software 1.0 is vulnerable to Cross-Site Request Forgery (CSRF) attacks. The application does not implement adequate anti-CSRF tokens or same-site cookie…

  • CVE-2024-10407MedOct 27, 2024
    risk 0.41cvss 6.3epss 0.00

    A vulnerability, which was classified as critical, was found in SourceCodester Petrol Pump Management Software 1.0. This affects an unknown part of the file /admin/edit_customer.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the…

  • CVE-2024-10406MedOct 26, 2024
    risk 0.41cvss 6.3epss 0.00

    A vulnerability, which was classified as critical, has been found in SourceCodester Petrol Pump Management Software 1.0. Affected by this issue is some unknown functionality of the file /admin/edit_fuel.php. The manipulation of the argument id leads to sql injection. The attack…

  • CVE-2024-10380MedOct 25, 2024
    risk 0.41cvss 6.3epss 0.00

    A vulnerability, which was classified as critical, has been found in SourceCodester Petrol Pump Management Software 1.0. Affected by this issue is some unknown functionality of the file /admin/ajax_product.php. The manipulation of the argument drop_services leads to sql…

  • CVE-2025-60318MedOct 8, 2025
    risk 0.40cvss 6.1epss 0.00

    SourceCodester Pet Grooming Management Software 1.0 is vulnerable to Cross Site Scripting (XSS) in /admin/profile.php via the fname (First Name) and lname (Last Name) fields.

  • CVE-2025-61087MedOct 2, 2025
    risk 0.40cvss 6.1epss 0.00

    SourceCodester Pet Grooming Management Software 1.0 is vulnerable to Cross Site Scripting (XSS) via the Customer Name field under Customer Management Section.

  • CVE-2024-10355MedOct 25, 2024
    risk 0.31cvss 4.7epss 0.01

    A vulnerability, which was classified as critical, has been found in SourceCodester Petrol Pump Management Software 1.0. Affected by this issue is some unknown functionality of the file /admin/invoice.php. The manipulation of the argument id leads to sql injection. The attack…

  • CVE-2024-10354MedOct 25, 2024
    risk 0.31cvss 4.7epss 0.01

    A vulnerability classified as critical was found in SourceCodester Petrol Pump Management Software 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/print.php. The manipulation of the argument id leads to sql injection. The attack can be launched…

  • CVE-2024-2062MedMar 1, 2024
    risk 0.31cvss 4.7epss 0.01

    A vulnerability, which was classified as critical, has been found in SourceCodester Petrol Pump Management Software 1.0. This issue affects some unknown processing of the file /admin/edit_categories.php. The manipulation of the argument id leads to sql injection. The attack may…

  • CVE-2024-2061MedMar 1, 2024
    risk 0.31cvss 4.7epss 0.01

    A vulnerability classified as critical was found in SourceCodester Petrol Pump Management Software 1.0. This vulnerability affects unknown code of the file /admin/edit_supplier.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely.…

  • CVE-2024-2060MedMar 1, 2024
    risk 0.31cvss 4.7epss 0.01

    A vulnerability classified as critical has been found in SourceCodester Petrol Pump Management Software 1.0. This affects an unknown part of the file /admin/app/login_crud.php. The manipulation of the argument email leads to sql injection. It is possible to initiate the attack…

  • CVE-2024-2059MedMar 1, 2024
    risk 0.31cvss 4.7epss 0.01

    A vulnerability was found in SourceCodester Petrol Pump Management Software 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/app/service_crud.php. The manipulation of the argument photo leads to unrestricted upload. The…

  • CVE-2024-2058MedMar 1, 2024
    risk 0.31cvss 4.7epss 0.01

    A vulnerability was found in SourceCodester Petrol Pump Management Software 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/app/product.php. The manipulation of the argument photo leads to unrestricted upload.…

  • CVE-2025-11051MedSep 27, 2025
    risk 0.28cvss 4.3epss 0.00

    A vulnerability has been found in SourceCodester Pet Grooming Management Software 1.0. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. The attack is possible to be carried out remotely.

  • CVE-2024-2063LowMar 1, 2024
    risk 0.16cvss 2.4epss 0.00

    A vulnerability, which was classified as problematic, was found in SourceCodester Petrol Pump Management Software 1.0. Affected is an unknown function of the file /admin/app/profile_crud.php. The manipulation of the argument username leads to cross site scripting. It is possible…