SourceCodester Pet Grooming Management Software 1.0 is vulnerable to Cross Site Scripting (XSS) in /admin/profile.php via the fname (First Name) and lname (Last Name) fields.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NMayurik Pet Grooming Management Software
APPMayurik1.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
XSS
CWE
Related vulnerabilities
CVE-2025-60316CRITICAL9.4PL ✓ten sam produkt
SQL Injection w Pet Grooming Management Software via parametr ID
CVE-2025-63298HIGH8.2ten sam produkt
A path traversal vulnerability was identified in SourceCodester Pet Grooming Management System 1.0, affecting ...
CVE-2025-63717MEDIUM6.5ten sam produkt
The change password functionality at /pet_grooming/admin/change_pass.php in SourceCodester Pet Grooming Manage...
CVE-2025-61087MEDIUM6.1ten sam produkt
SourceCodester Pet Grooming Management Software 1.0 is vulnerable to Cross Site Scripting (XSS) via the Custom...
CVE-2025-11057MEDIUM5.5ten sam produkt
A vulnerability has been found in SourceCodester Pet Grooming Management Software 1.0. Affected by this issue ...