CVE-2024-11257 | 1000 Projects Beauty Parlour Management System 1.0 forgot-password.php email sql injection

Posted by Angelo Barbosa | Nov 15, 2024 | CVE

A vulnerability classified as critical has been found in 1000 Projects Beauty Parlour Management System 1.0. This affects an unknown part of the file /admin/forgot-password.php. The manipulation of the argument email leads to sql injection.

This vulnerability is uniquely identified as CVE-2024-11257. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

CVE-2024-11257 | 1000 Projects Beauty Parlour Management System 1.0 forgot-password.php email sql injection

Related Posts

CVE-2024-1398 | Ultimate Bootstrap Elements for Elementor Plugin up to 1.3.6 on WordPress cross site scripting

CVE-2021-47291 | Linux Kernel up to 5.4.135/5.10.53/5.13.5 ipv6 fib6_nh_flush_exceptions out-of-bounds

CVE-2024-2024 | Folders Pro Plugin up to 3.0.2 on WordPress handle_folders_file_upload unrestricted upload

CVE-2024-11101 | 1000 Projects Beauty Parlour Management System 1.0 search-invoices.php searchdata sql injection