Vulnerabilities (CVE)

Filtered by vendor Phpgurukul Subscribe
Filtered by product Beauty Parlour Management System
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-27545 1 Phpgurukul 1 Beauty Parlour Management System 2024-11-21 4.0 MEDIUM 6.5 MEDIUM
SQL Injection in the "add-services.php" component of PHPGurukul Beauty Parlour Management System v1.0 allows remote attackers to obtain sensitive database information by injecting SQL commands into the "sername" parameter.
CVE-2021-27544 1 Phpgurukul 1 Beauty Parlour Management System 2024-11-21 3.5 LOW 4.8 MEDIUM
Cross Site Scripting (XSS) in the "add-services.php" component of PHPGurukul Beauty Parlour Management System v1.0 allows remote attackers to execute arbitrary code by injecting arbitrary HTML into the "sername" parameter.