PT-2026-22753 · Sourcecodester · Sourcecodester Simple Online Mens Salon Management System

Shininadd

Published

2026-03-03

Updated

2026-03-03

CVE-2026-26885

CVSS v3.1

2.7

Low

Vector

AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions Sourcecodester Online Men's Salon Management System version 1.0 Sourcecodester Simple Online Men's Salon Management System version 1.0

Description The software is susceptible to SQL Injection. This issue affects the /classes/Master.php?f=delete service endpoint. The f parameter in the API endpoint is vulnerable. Successful exploitation could allow an attacker to manipulate database queries.

Recommendations Apply appropriate input validation and sanitization techniques to the f parameter in the /classes/Master.php?f=delete service endpoint.

Exploit

Fix

SQL injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-89

Related Identifiers

CVE-2026-26885

Affected Products

Sourcecodester Simple Online Mens Salon Management System

CVE-2026-26885

Weakness Enumeration

Related Identifiers

Affected Products

References · 5