Xinxinw

Name of the Vulnerable Software and Affected Versions: PHPGurukul Beauty Parlour Management System version 1.1 Description: A critical issue affects the processing of the /forgot-password.php file. The manipulation of the `email` argument leads to SQL injection. This issue can be exploited remotely. Recommendations: For PHPGurukul Beauty Parlour Management System version 1.1, consider restricting access to the /forgot-password.php file until a fix is available. As a temporary workaround, avoid using the `email` argument in the affected file to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: PHPGurukul Beauty Parlour Management System version 1.1 Description: A critical issue has been discovered in the PHPGurukul Beauty Parlour Management System. The problem lies in an unknown function within the /contact.php file. Manipulation of the `fname` argument can lead to SQL injection. This issue can be exploited remotely. The exploit has been publicly disclosed, making it potentially usable. Other parameters might also be affected. Recommendations: For PHPGurukul Beauty Parlour Management System version 1.1, consider disabling the /contact.php file or restricting access to it until a patch is available. Avoid using the `fname` argument in the affected file to minimize the risk of exploitation.