Phpgurukul: >> Beauty Parlour Management System >> 1.1 Security Vulnerabilities
A Cross Site Scripting (XSS) vulnerability in the profile.php of PHPGurukul Beauty Parlour Management System v1.1 allows remote attackers to execute arbitrary code by injecting arbitrary HTML into the "Firstname" and "Last name" parameters.
CVSS Score
6.1
EPSS Score
0.0
Published
2024-12-10
Phpgurukul's Beauty Parlour Management System v1.1 is vulnerable to SQL Injection in `login.php` via the `emailcont` parameter.
CVSS Score
9.8
EPSS Score
0.001
Published
2024-12-10
Phpgurukul Beauty Parlour Management System v1.1 is vulnerable to SQL Injection in admin/index.php via the the username parameter.
CVSS Score
9.8
EPSS Score
0.001
Published
2024-10-31
An Insecure Direct Object Reference (IDOR) vulnerability in appointment-detail.php in Phpgurukul's Beauty Parlour Management System v1.1 allows unauthorized access to the Personally Identifiable Information (PII) of other customers.
CVSS Score
7.5
EPSS Score
0.0
Published
2024-10-31