CVE-2024-11646

Name of the Vulnerable Software and Affected Versions 1000 Projects Beauty Parlour Management System version 1.0

Description A critical vulnerability was found in the 1000 Projects Beauty Parlour Management System. The issue affects an unknown functionality of the file /admin/edit-services.php. The manipulation of the sername argument leads to SQL injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Recommendations For version 1.0, update to the latest version to mitigate risks. Ensure your systems are updated and secure. Apply remediation steps as soon as possible. As a temporary workaround, consider restricting access to the /admin/edit-services.php file until a patch is available. Avoid using the sername argument in the affected file until the issue is resolved.