PT-2026-36031 · Sourcecodester · Pet Grooming Management

Xiaozhi

Published

2026-04-30

Updated

2026-04-30

CVE-2026-7447

CVSS v2.0

6.5

Medium

Vector

AV:N/AC:L/Au:S/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions SourceCodester Pet Grooming Management Software version 1.0

Description A flaw in the '/admin/update customer.php' endpoint allows for remote SQL injection. This occurs due to improper validation of the argument type, length, or business parameter validity, enabling an attacker to manipulate database queries.

Recommendations Update SourceCodester Pet Grooming Management Software version 1.0 to a version that contains a fix for this issue. As a temporary workaround, restrict access to the '/admin/update customer.php' file to minimize the risk of exploitation.

Exploit

Fix

Special Elements Injection

SQL injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-74CWE-89

Related Identifiers

CVE-2026-7447

Affected Products

Pet Grooming Management

PT-2026-36031 · Sourcecodester · Pet Grooming Management

CVE-2026-7447

Weakness Enumeration

Related Identifiers

Affected Products

References · 8