MEDIUM🇬🇧 English

CVE-2025-11057

CVSS 5.5v4.0pub. 2025-09-27upd. 2026-04-29

A vulnerability has been found in SourceCodester Pet Grooming Management Software 1.0. Affected by this issue is some unknown functionality of the file /admin/print_inv.php. Such manipulation of the argument ID leads to sql injection. The attack can be executed remotely. The exploit has been disclosed to the public and may be used.

oryginał EN
CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  • Mayurik Pet Grooming Management Software

    APP
    Mayurik
    1.0
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
SQLi
CWE
Referencje

Powiązane podatności

CVE-2025-60316CRITICAL9.4PL ✓ten sam produkt

SQL Injection w Pet Grooming Management Software via parametr ID

CVE-2025-63298HIGH8.2ten sam produkt

A path traversal vulnerability was identified in SourceCodester Pet Grooming Management System 1.0, affecting ...

CVE-2025-63717MEDIUM6.5ten sam produkt

The change password functionality at /pet_grooming/admin/change_pass.php in SourceCodester Pet Grooming Manage...

CVE-2025-60318MEDIUM6.1ten sam produkt

SourceCodester Pet Grooming Management Software 1.0 is vulnerable to Cross Site Scripting (XSS) in /admin/prof...

CVE-2025-61087MEDIUM6.1ten sam produkt

SourceCodester Pet Grooming Management Software 1.0 is vulnerable to Cross Site Scripting (XSS) via the Custom...