efekaanakkar

2 exploits Active since Apr 2024
CVE-2024-30998 NOMISEC CRITICAL WRITEUP
Men Salon Management System 2.0 - SQL Injection via Email Parameter
SQL Injection vulnerability in PHPGurukul Men Salon Management System v.2.0, allows remote attackers to execute arbitrary code and obtain sensitive information via the email parameter in the index.php component.
1 stars
CVSS 9.8
CVE-2024-35511 NOMISEC MEDIUM WORKING POC
phpgurukul Men Salon Management System 2.0 - SQL Injection via Username Parameter
phpgurukul Men Salon Management System v2.0 is vulnerable to SQL Injection via the "username" parameter of /msms/admin/index.php.
CVSS 4.7