Total
27 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-1702 | 1 Mayurik | 1 Pet Grooming Management Software | 2026-02-13 | 6.5 MEDIUM | 6.3 MEDIUM |
|
A vulnerability was detected in SourceCodester Pet Grooming Management Software 1.0. Impacted is an unknown function of the file /admin/operation/user.php of the component User Management. Performing a manipulation of the argument group_id results in improper authorization. The attack can be initiated remotely. The exploit is now public and may be used.
|
|||||
| CVE-2025-10081 | 1 Mayurik | 1 Pet Grooming Management Software | 2025-11-17 | 5.8 MEDIUM | 4.7 MEDIUM |
|
A flaw has been found in SourceCodester Pet Management System 1.0. This impacts an unknown function of the file /admin/profile.php. This manipulation of the argument website_image causes unrestricted upload. Remote exploitation of the attack is possible. The exploit has been published and may be used.
|
|||||
| CVE-2025-10085 | 1 Mayurik | 1 Pet Grooming Management Software | 2025-11-17 | 6.5 MEDIUM | 6.3 MEDIUM |
|
A security flaw has been discovered in SourceCodester Pet Grooming Management Software 1.0. This vulnerability affects unknown code of the file manage_website.php. The manipulation results in unrestricted upload. It is possible to launch the attack remotely. The exploit has been released to the public and may be exploited.
|
|||||
| CVE-2025-10083 | 1 Mayurik | 1 Pet Grooming Management Software | 2025-11-17 | 6.5 MEDIUM | 6.3 MEDIUM |
|
A vulnerability was determined in SourceCodester Pet Grooming Management Software 1.0. Affected by this issue is some unknown functionality of the file /admin/profile.php. Executing manipulation can lead to unrestricted upload. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized.
|
|||||
| CVE-2025-10087 | 1 Mayurik | 1 Pet Grooming Management Software | 2025-11-17 | 5.8 MEDIUM | 4.7 MEDIUM |
|
A security vulnerability has been detected in SourceCodester Pet Grooming Management Software 1.0. Impacted is an unknown function of the file /admin/profit_report.php. Such manipulation of the argument product_id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed publicly and may be used.
|
|||||
| CVE-2025-63717 | 1 Mayurik | 1 Pet Grooming Management Software | 2025-11-17 | N/A | 6.5 MEDIUM |
|
The change password functionality at /pet_grooming/admin/change_pass.php in SourceCodester Pet Grooming Management Software 1.0 is vulnerable to Cross-Site Request Forgery (CSRF) attacks. The application does not implement adequate anti-CSRF tokens or same-site cookie restrictions, allowing attackers to trick authenticated users into unknowingly changing their passwords.
|
|||||
| CVE-2025-63298 | 1 Mayurik | 1 Pet Grooming Management Software | 2025-11-06 | N/A | 8.2 HIGH |
|
A path traversal vulnerability was identified in SourceCodester Pet Grooming Management System 1.0, affecting the admin/manage_website.php component. An authenticated user with administrative privileges can leverage this flaw by submitting a specially crafted POST request, enabling the deletion of arbitrary files on the web server or underlying operating system.
|
|||||
| CVE-2025-60316 | 1 Mayurik | 1 Pet Grooming Management Software | 2025-10-16 | N/A | 9.4 CRITICAL |
|
SourceCodester Pet Grooming Management Software 1.0 is vulnerable to SQL Injection in admin/view_customer.php via the ID parameter.
|
|||||
| CVE-2025-60318 | 1 Mayurik | 1 Pet Grooming Management Software | 2025-10-09 | N/A | 6.1 MEDIUM |
|
SourceCodester Pet Grooming Management Software 1.0 is vulnerable to Cross Site Scripting (XSS) in /admin/profile.php via the fname (First Name) and lname (Last Name) fields.
|
|||||
| CVE-2025-61087 | 1 Mayurik | 1 Pet Grooming Management Software | 2025-10-07 | N/A | 6.1 MEDIUM |
|
SourceCodester Pet Grooming Management Software 1.0 is vulnerable to Cross Site Scripting (XSS) via the Customer Name field under Customer Management Section.
|
|||||
| CVE-2025-11057 | 1 Mayurik | 1 Pet Grooming Management Software | 2025-10-03 | 7.5 HIGH | 7.3 HIGH |
|
A vulnerability has been found in SourceCodester Pet Grooming Management Software 1.0. Affected by this issue is some unknown functionality of the file /admin/print_inv.php. Such manipulation of the argument ID leads to sql injection. The attack can be executed remotely. The exploit has been disclosed to the public and may be used.
|
|||||
| CVE-2025-11051 | 1 Mayurik | 1 Pet Grooming Management Software | 2025-10-03 | 5.0 MEDIUM | 4.3 MEDIUM |
|
A vulnerability has been found in SourceCodester Pet Grooming Management Software 1.0. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. The attack is possible to be carried out remotely.
|
|||||
| CVE-2025-10688 | 1 Mayurik | 1 Pet Grooming Management Software | 2025-09-30 | 7.5 HIGH | 7.3 HIGH |
|
A vulnerability was determined in SourceCodester Pet Grooming Management Software 1.0. This vulnerability affects unknown code of the file /admin/operation/paid.php. This manipulation of the argument inv_no/insta_amt causes sql injection. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized.
|
|||||
| CVE-2025-10828 | 1 Mayurik | 1 Pet Grooming Management Software | 2025-09-25 | 6.5 MEDIUM | 6.3 MEDIUM |
|
A security vulnerability has been detected in SourceCodester Pet Grooming Management Software 1.0. This affects an unknown part of the file /admin/edit.php. Such manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed publicly and may be used.
|
|||||
| CVE-2025-10832 | 1 Mayurik | 1 Pet Grooming Management Software | 2025-09-25 | 7.5 HIGH | 7.3 HIGH |
|
A vulnerability was found in SourceCodester Pet Grooming Management Software 1.0. The affected element is an unknown function of the file /admin/fetch_product_details.php. The manipulation of the argument barcode results in sql injection. The attack may be performed from remote. The exploit has been made public and could be used.
|
|||||
| CVE-2025-10839 | 1 Mayurik | 1 Pet Grooming Management Software | 2025-09-25 | 6.5 MEDIUM | 6.3 MEDIUM |
|
A security flaw has been discovered in SourceCodester Pet Grooming Management Software 1.0. The impacted element is an unknown function of the file /admin/inv-print.php. The manipulation of the argument ID results in sql injection. It is possible to launch the attack remotely. The exploit has been released to the public and may be exploited.
|
|||||
| CVE-2025-10840 | 1 Mayurik | 1 Pet Grooming Management Software | 2025-09-25 | 6.5 MEDIUM | 6.3 MEDIUM |
|
A weakness has been identified in SourceCodester Pet Grooming Management Software 1.0. This affects an unknown function of the file /admin/print-payment.php. This manipulation of the argument sql111 causes sql injection. The attack can be initiated remotely. The exploit has been made available to the public and could be exploited.
|
|||||
| CVE-2025-10835 | 1 Mayurik | 1 Pet Grooming Management Software | 2025-09-24 | 6.5 MEDIUM | 6.3 MEDIUM |
|
A security flaw has been discovered in SourceCodester Pet Grooming Management Software 1.0. This impacts an unknown function of the file /admin/view_payorder.php. Performing manipulation of the argument ID results in sql injection. The attack can be initiated remotely. The exploit has been released to the public and may be exploited.
|
|||||
| CVE-2025-10836 | 1 Mayurik | 1 Pet Grooming Management Software | 2025-09-24 | 7.5 HIGH | 7.3 HIGH |
|
A weakness has been identified in SourceCodester Pet Grooming Management Software 1.0. Affected is an unknown function of the file /admin/print1.php. Executing manipulation of the argument ID can lead to sql injection. The attack can be launched remotely. The exploit has been made available to the public and could be exploited.
|
|||||
| CVE-2025-10801 | 1 Mayurik | 1 Pet Grooming Management Software | 2025-09-24 | 7.5 HIGH | 7.3 HIGH |
|
A security vulnerability has been detected in SourceCodester Pet Grooming Management Software 1.0. This affects an unknown function of the file /admin/edit_tax.php. The manipulation of the argument ID leads to sql injection. The attack is possible to be carried out remotely. The exploit has been disclosed publicly and may be used.
|
|||||
| CVE-2025-10598 | 1 Mayurik | 1 Pet Grooming Management Software | 2025-09-22 | 7.5 HIGH | 7.3 HIGH |
|
A vulnerability was identified in SourceCodester Pet Grooming Management Software 1.0. This issue affects some unknown processing of the file /admin/search_product.php. Such manipulation of the argument group_id leads to sql injection. The attack may be launched remotely. The exploit is publicly available and might be used.
|
|||||
| CVE-2025-10396 | 1 Mayurik | 1 Pet Grooming Management Software | 2025-09-18 | 7.5 HIGH | 7.3 HIGH |
|
A vulnerability was determined in SourceCodester Pet Grooming Management Software 1.0. Affected by this issue is some unknown functionality of the file /admin/edit_role.php. Executing manipulation of the argument ID can lead to sql injection. It is possible to launch the attack remotely. The exploit has been publicly disclosed and may be utilized.
|
|||||
| CVE-2025-10431 | 1 Mayurik | 1 Pet Grooming Management Software | 2025-09-18 | 6.5 MEDIUM | 6.3 MEDIUM |
|
A vulnerability has been found in SourceCodester Pet Grooming Management Software 1.0. This affects an unknown part of the file /admin/ajax_represent.php. Such manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
|
|||||
| CVE-2025-10430 | 1 Mayurik | 1 Pet Grooming Management Software | 2025-09-18 | 6.5 MEDIUM | 6.3 MEDIUM |
|
A flaw has been found in SourceCodester Pet Grooming Management Software 1.0. Affected by this issue is some unknown functionality of the file /admin/barcode.php. This manipulation of the argument ID causes sql injection. The attack may be initiated remotely. The exploit has been published and may be used.
|
|||||
| CVE-2025-10429 | 1 Mayurik | 1 Pet Grooming Management Software | 2025-09-18 | 6.5 MEDIUM | 6.3 MEDIUM |
|
A vulnerability was detected in SourceCodester Pet Grooming Management Software 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/ajax_product.php. The manipulation of the argument drop_services results in sql injection. The attack can be launched remotely. The exploit is now public and may be used.
|
|||||
| CVE-2025-10428 | 1 Mayurik | 1 Pet Grooming Management Software | 2025-09-18 | 6.5 MEDIUM | 6.3 MEDIUM |
|
A security vulnerability has been detected in SourceCodester Pet Grooming Management Software 1.0. Affected is an unknown function of the file /admin/seo_setting.php of the component Setting Handler. The manipulation of the argument website_image leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed publicly and may be used.
|
|||||
| CVE-2025-10427 | 1 Mayurik | 1 Pet Grooming Management Software | 2025-09-18 | 6.5 MEDIUM | 6.3 MEDIUM |
|
A weakness has been identified in SourceCodester Pet Grooming Management Software 1.0. This impacts an unknown function of the file /admin/operation/user.php. Executing manipulation of the argument website_image can lead to unrestricted upload. It is possible to launch the attack remotely. The exploit has been made available to the public and could be exploited.
|
|||||