Xiaoyao_I03I

**Name of the Vulnerable Software and Affected Versions** PHPGurukul Men Salon Management System version 1.0 **Description** A critical vulnerability has been found in the PHPGurukul Men Salon Management System. This issue affects the file /admin/edit-customer-detailed.php, where the manipulation of the `editid` argument leads to SQL injection. The attack can be initiated remotely. **Recommendations** For PHPGurukul Men Salon Management System version 1.0, consider disabling access to the /admin/edit-customer-detailed.php file until a patch is available. As a temporary workaround, restrict the manipulation of the `editid` argument to prevent SQL injection attacks.

**Name of the Vulnerable Software and Affected Versions** PHPGurukul Men Salon Management System version 1.0 **Description** A critical issue affects some unknown processing of the file /admin/edit-services.php. The manipulation of the argument `cost` leads to SQL injection. The attack may be initiated remotely. **Recommendations** As a temporary workaround, consider disabling access to the `/admin/edit-services.php` file until a patch is available. Restrict the manipulation of the `cost` argument in the `/admin/edit-services.php` file to minimize the risk of SQL injection. At the moment, there is no information about a newer version that contains a fix for this vulnerability.