
Best Salon Management System — Vulnerabilities & Security Advisories (33)

All 33 CVE vulnerabilities found in Best Salon Management System, with AI-generated Chinese analysis, references, and POCs.

This page aggregates known security vulnerabilities for the Best Salon Management System, a software platform used by beauty and wellness professionals to manage appointments, clients, and billing. The content on this page is limited to documented weakness types, primarily focusing on common flaws found in web-based management applications such as SQL injection, cross-site scripting, and authentication bypasses. It collects vulnerability data spanning from the initial public release of the software up to the most recent patch updates, ensuring a comprehensive historical view of security issues affecting this specific product version. By reviewing this collection, users can track vendor advisories to understand the timeline of disclosure and remediation efforts, which is critical for maintaining system integrity. Furthermore, this resource allows administrators to understand broader weakness classes that may impact their deployment, facilitating better risk assessment and mitigation strategies. Visitors can also look up the product's specific vulnerability history to see how past issues were resolved and whether underlying architectural flaws remain unaddressed. This information is intended for security researchers, system administrators, and IT auditors who need to evaluate the current security posture of the Best Salon Management System. The goal is to provide a neutral, factual reference point that helps stakeholders make informed decisions about updating, patching, or migrating away from vulnerable instances. It does not serve as a guide for exploitation but rather as a catalog of identified defects. Users are encouraged to consult official vendor documentation for detailed fix instructions and compatibility notes for each reported issue.

Vendor: SourceCodester

| CVE ID | Title | CVSS | Severity | Published |
| --- | --- | --- | --- | --- |
| CVE-2025-12325 | SourceCodester Best Salon Management System forgot-password.php sql injection (CWE-89) | 7.3 | High | 2025-10-27 |
| CVE-2025-11662 | SourceCodester Best Salon Management System booking.php sql injection (CWE-89) | 7.3 | High | 2025-10-13 |
| CVE-2025-11615 | SourceCodester Best Salon Management System add_invoice.php sql injection (CWE-89) | 7.3 | High | 2025-10-11 |
| CVE-2025-11614 | SourceCodester Best Salon Management System edit-appointment.php sql injection (CWE-89) | 7.3 | High | 2025-10-11 |
| CVE-2025-7144 | SourceCodester Best Salon Management System Admin Profile Page admin-profile.php cross site scripting (CWE-79) | 2.4 | Low | 2025-07-07 |
| CVE-2025-7143 | SourceCodester Best Salon Management System Update Tax Page edit-tax.php cross site scripting (CWE-79) | 2.4 | Low | 2025-07-07 |
| CVE-2025-7142 | SourceCodester Best Salon Management System search-appointment.php cross site scripting (CWE-79) | 2.4 | Low | 2025-07-07 |
| CVE-2025-7141 | SourceCodester Best Salon Management System Update Staff Page edit_plan.php cross site scripting (CWE-79) | 2.4 | Low | 2025-07-07 |
| CVE-2025-7140 | SourceCodester Best Salon Management System Update Staff Page edit-staff.php cross site scripting (CWE-79) | 2.4 | Low | 2025-07-07 |
| CVE-2025-7139 | SourceCodester Best Salon Management System Update Customer Details Page edit-customer-detailed.php cross site scripting (CWE-79) | 2.4 | Low | 2025-07-07 |
| CVE-2025-7138 | SourceCodester Best Salon Management System admin-profile.php sql injection (CWE-89) | 6.3 | Medium | 2025-07-07 |
| CVE-2025-7137 | SourceCodester Best Salon Management System schedule-staff.php sql injection (CWE-89) | 6.3 | Medium | 2025-07-07 |
| CVE-2025-6880 | SourceCodester Best Salon Management System edit-tax.php sql injection (CWE-89) | 6.3 | Medium | 2025-06-30 |
| CVE-2025-6879 | SourceCodester Best Salon Management System add-tax.php sql injection (CWE-89) | 6.3 | Medium | 2025-06-30 |
| CVE-2025-6878 | SourceCodester Best Salon Management System search-appointment.php sql injection (CWE-89) | 6.3 | Medium | 2025-06-30 |
| CVE-2025-6877 | SourceCodester Best Salon Management System edit-category.php sql injection (CWE-89) | 6.3 | Medium | 2025-06-29 |
| CVE-2025-6876 | SourceCodester Best Salon Management System add-category.php sql injection (CWE-89) | 6.3 | Medium | 2025-06-29 |
| CVE-2025-6875 | SourceCodester Best Salon Management System edit-subscription.php sql injection (CWE-89) | 6.3 | Medium | 2025-06-29 |
| CVE-2025-6874 | SourceCodester Best Salon Management System add_subscribe.php sql injection (CWE-89) | 6.3 | Medium | 2025-06-29 |
| CVE-2025-6862 | SourceCodester Best Salon Management System edit_plan.php sql injection (CWE-89) | 6.3 | Medium | 2025-06-29 |
| CVE-2025-6861 | SourceCodester Best Salon Management System add_plan.php sql injection (CWE-89) | 6.3 | Medium | 2025-06-29 |
| CVE-2025-6860 | SourceCodester Best Salon Management System staff_commision.php sql injection (CWE-89) | 6.3 | Medium | 2025-06-29 |
| CVE-2025-6859 | SourceCodester Best Salon Management System pro_sale.php sql injection (CWE-89) | 6.3 | Medium | 2025-06-29 |
| CVE-2025-6609 | SourceCodester Best Salon Management System bwdates-reports-details.php sql injection (CWE-89) | 6.3 | Medium | 2025-06-25 |
| CVE-2025-6608 | SourceCodester Best Salon Management System edit-services.php sql injection (CWE-89) | 6.3 | Medium | 2025-06-25 |
| CVE-2025-6607 | SourceCodester Best Salon Management System stock.php sql injection (CWE-89) | 6.3 | Medium | 2025-06-25 |
| CVE-2025-6606 | SourceCodester Best Salon Management System add-services.php sql injection (CWE-89) | 6.3 | Medium | 2025-06-25 |
| CVE-2025-6605 | SourceCodester Best Salon Management System edit-staff.php sql injection (CWE-89) | 6.3 | Medium | 2025-06-25 |
| CVE-2025-6604 | SourceCodester Best Salon Management System add-staff.php sql injection (CWE-89) | 6.3 | Medium | 2025-06-25 |
| CVE-2025-6583 | SourceCodester Best Salon Management System view-appointment.php sql injection (CWE-89) | 6.3 | Medium | 2025-06-25 |
