Sibi B

**Name of the Vulnerable Software and Affected Versions** Phpgurukul's Beauty Parlour Management System version 1.1 **Description** The issue concerns SQL Injection in the `login.php` file through the `emailcont` parameter. This allows for potential exploitation by injecting malicious SQL code. **Recommendations** For Phpgurukul's Beauty Parlour Management System version 1.1, consider disabling the `login.php` file or restricting access to it until a patch is available. Avoid using the `emailcont` parameter in the affected `login.php` file until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** PHPGurukul Beauty Parlour Management System version 1.1 **Description** A Cross Site Scripting (XSS) issue allows remote attackers to execute arbitrary code by injecting arbitrary HTML into the `Firstname` and `Last name` parameters in the profile.php file. **Recommendations** For PHPGurukul Beauty Parlour Management System version 1.1, consider disabling the profile.php file or restricting access to it until a patch is available. Avoid using the `Firstname` and `Last name` parameters in the affected profile.php file until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.