exploitDog

CVE-2025-26157

Опубликовано: 14 фев. 2025

Источник: nvd

CVSS3: 5.9

EPSS Низкий

Описание

A SQL Injection vulnerability was found in /bpms/index.php in Source Code and Project Beauty Parlour Management System V1.1, which allows remote attackers to execute arbitrary code via the name POST request parameter.

Ссылки

https://github.com/rtnthakur/CVE/blob/main/others/README.md
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:darkseid:beauty_parlour_management_system:1.1:*:*:*:*:*:*:*

EPSS

Процентиль: 34%

0.00138

Низкий

5.9 Medium

CVSS3

Дефекты

CWE-89

Связанные уязвимости

GHSA-m44q-qr9w-w24c

CVSS3: 5.9

github

12 месяцев назад

A SQL Injection vulnerability was found in /bpms/index.php in Source Code and Project Beauty Parlour Management System V1.1, which allows remote attackers to execute arbitrary code via the name POST request parameter.

EPSS

Процентиль: 34%

0.00138

Низкий

5.9 Medium

CVSS3

Дефекты

CWE-89