CVE-2024-11646 | 1000 Projects Beauty Parlour Management System 1.0 /admin/edit-services.php sername sql injection

Posted by Angelo Barbosa | Nov 24, 2024 | CVE

A vulnerability classified as critical was found in 1000 Projects Beauty Parlour Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/edit-services.php. The manipulation of the argument sername leads to sql injection.

This vulnerability is known as CVE-2024-11646. The attack can be launched remotely. Furthermore, there is an exploit available.

CVE-2024-11646 | 1000 Projects Beauty Parlour Management System 1.0 /admin/edit-services.php sername sql injection

Related Posts

CVE-2024-20747 | Adobe Acrobat 2020 out-of-bounds (apsb24-07)

CVE-2024-6540 | OTRS up to 8.0.x/2023.x/2024.4.x Ticket improper filtering of special elements

CVE-2024-42137 | Linux Kernel up to 5.10.221/5.15.162/6.1.97/6.6.38/6.9.8 QCA6390 qca_serdev_shutdown use after free

CVE-2023-48902 | Tramyardg Autoexpress 1.3.0 uploadCarImages.php improper authentication (ID 177661)