CVE-2024-11055

Name of the Vulnerable Software and Affected Versions 1000 Projects Beauty Parlour Management System version 1.0

Description A critical issue has been found in the 1000 Projects Beauty Parlour Management System. This issue affects some unknown processing of the file /admin/admin-profile.php. The manipulation of the argument adminname leads to SQL injection. The attack may be initiated remotely.

Recommendations For version 1.0, consider disabling access to the /admin/admin-profile.php file until a patch is available. Restrict the manipulation of the adminname argument to minimize the risk of SQL injection exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.