Docker634

**Name of the Vulnerable Software and Affected Versions** 1000 Projects Beauty Parlour Management System version 1.0 **Description** A critical issue has been found in the 1000 Projects Beauty Parlour Management System. The problem is related to an unknown function of the file `/admin/search-invoices.php`, where the manipulation of the `searchdata` argument leads to SQL injection. This issue can be exploited remotely. The exploit has been disclosed publicly. **Recommendations** For version 1.0, update to the latest version to mitigate risks. As a temporary workaround, consider restricting access to the `/admin/search-invoices.php` file and avoid using the `searchdata` argument in this context until a patch is available. Ensure your systems are updated to the latest version to protect against this issue.