ГлавнаяУязвимости → CVE-2025-10459
7.3высокая

CVE-2025-10459

Описание

A security flaw has been discovered in PHPGurukul Beauty Parlour Management System 1.1. This affects an unknown part of the file /admin/all-appointment.php. The manipulation of the argument delid results in sql injection. The attack can be executed remotely. The exploit has been released to the public and may be exploited.

Затрагиваемое ПО
Phpgurukul Beauty parlour management system
CVSS
Балл7.3 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Источники
https://github.com/xiaoxinkaishi/cve/issues/5https://phpgurukul.com/https://vuldb.com/?ctiid.323887https://vuldb.com/?id.323887https://vuldb.com/?submit.648355