PHPGurukul Beauty Parlour Management System search-invoices.php sql injection_CVE-2025-11507

6.9 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

Description

A weakness has been identified in PHPGurukul Beauty Parlour Management System 1.1. The impacted element is an unknown function of the file /admin/search-invoices.php. This manipulation of the argument searchdata causes sql injection. The attack can be initiated remotely. The exploit has been made available to the public and could be exploited.

Basic Information

ID CVE-2025-11507

Source VulDB

Published Oct 8, 2025 at 22:02

Affected Product

Vendor PHPGurukul

Product Beauty Parlour Management System

Version 1.1

Affected Versions PHPGurukul Beauty Parlour Management System 1.1

CWE Classification

CWE-89 CWE-74

References

{
    "lastseen": "",
    "description": "A weakness has been identified in PHPGurukul Beauty Parlour Management System 1.1. The impacted element is an unknown function of the file /admin/search-invoices.php. This manipulation of the argument searchdata causes sql injection. The attack can be initiated remotely. The exploit has been made available to the public and could be exploited.",
    "published": "2025-10-08T22:02:08.281Z",
    "modified": "2025-10-08T22:02:08.281Z",
    "type": "cve",
    "title": "PHPGurukul Beauty Parlour Management System search-invoices.php sql injection",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.327632\nhttps://vuldb.com/?ctiid.327632\nhttps://vuldb.com/?submit.668888\nhttps://github.com/f000x0/cve/issues/13\nhttps://phpgurukul.com/",
    "id": "CVE-2025-11507",
    "bulletinFamily": "",
    "cwe": [
        "CWE-89",
        "CWE-74"
    ],
    "cvelist": null,
    "sourceData": "PHPGurukul Beauty Parlour Management System 1.1",
    "sourceHref": "",
    "cvss": {
        "score": 6.9,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Beauty Parlour Management System",
    "version": "1.1",
    "vendor": "PHPGurukul",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}