Keason

**Name of the Vulnerable Software and Affected Versions** SourceCodester Best Salon Management System version 1.0 **Description** An issue exists in the '/panel/forgot-password.php' file where the manipulation of the `email` argument allows for remote SQL injection. SQL injection is a technique where malicious SQL statements are inserted into entry fields for execution, potentially allowing unauthorized access to the database. **Recommendations** Avoid using the `email` parameter in the '/panel/forgot-password.php' endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.