Total
29 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-3737 | 1 Mayurik | 1 Pet Grooming Management Software | 2026-04-29 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability was determined in SourceCodester Pet Grooming Management Software 1.0. This affects an unknown part of the file add_user.php of the component User Creation Handler. Executing a manipulation can lead to improper authorization. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized. | |||||
| CVE-2025-10828 | 1 Mayurik | 1 Pet Grooming Management Software | 2026-04-29 | 6.5 MEDIUM | 6.3 MEDIUM |
| A security vulnerability has been detected in SourceCodester Pet Grooming Management Software 1.0. This affects an unknown part of the file /admin/edit.php. Such manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed publicly and may be used. | |||||
| CVE-2025-10801 | 1 Mayurik | 1 Pet Grooming Management Software | 2026-04-29 | 7.5 HIGH | 7.3 HIGH |
| A security vulnerability has been detected in SourceCodester Pet Grooming Management Software 1.0. This affects an unknown function of the file /admin/edit_tax.php. The manipulation of the argument ID leads to sql injection. The attack is possible to be carried out remotely. The exploit has been disclosed publicly and may be used. | |||||
| CVE-2025-63717 | 1 Mayurik | 1 Pet Grooming Management Software | 2025-11-17 | N/A | 6.5 MEDIUM |
| The change password functionality at /pet_grooming/admin/change_pass.php in SourceCodester Pet Grooming Management Software 1.0 is vulnerable to Cross-Site Request Forgery (CSRF) attacks. The application does not implement adequate anti-CSRF tokens or same-site cookie restrictions, allowing attackers to trick authenticated users into unknowingly changing their passwords. | |||||
| CVE-2025-63298 | 1 Mayurik | 1 Pet Grooming Management Software | 2025-11-06 | N/A | 8.2 HIGH |
| A path traversal vulnerability was identified in SourceCodester Pet Grooming Management System 1.0, affecting the admin/manage_website.php component. An authenticated user with administrative privileges can leverage this flaw by submitting a specially crafted POST request, enabling the deletion of arbitrary files on the web server or underlying operating system. | |||||
| CVE-2025-60316 | 1 Mayurik | 1 Pet Grooming Management Software | 2025-10-16 | N/A | 9.4 CRITICAL |
| SourceCodester Pet Grooming Management Software 1.0 is vulnerable to SQL Injection in admin/view_customer.php via the ID parameter. | |||||
| CVE-2025-60318 | 1 Mayurik | 1 Pet Grooming Management Software | 2025-10-09 | N/A | 6.1 MEDIUM |
| SourceCodester Pet Grooming Management Software 1.0 is vulnerable to Cross Site Scripting (XSS) in /admin/profile.php via the fname (First Name) and lname (Last Name) fields. | |||||
| CVE-2025-61087 | 1 Mayurik | 1 Pet Grooming Management Software | 2025-10-07 | N/A | 6.1 MEDIUM |
| SourceCodester Pet Grooming Management Software 1.0 is vulnerable to Cross Site Scripting (XSS) via the Customer Name field under Customer Management Section. | |||||
| CVE-2025-11051 | 1 Mayurik | 1 Pet Grooming Management Software | 2025-10-03 | 5.0 MEDIUM | 4.3 MEDIUM |
| A vulnerability has been found in SourceCodester Pet Grooming Management Software 1.0. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. The attack is possible to be carried out remotely. | |||||