Mayurik Mayurik

  1. Vendors
  2. Mayurik

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in any Mayurik product.

RSS Feeds for Mayurik security vulnerabilities

Create a CVE RSS feed including security vulnerabilities found in Mayurik products with stack.watch. Just hit watch, then grab your custom RSS feed url.

Products by Mayurik Sorted by Most Security Vulnerabilities since 2018

Mayurik Best House Rental Management System31 vulnerabilities

Mayurik Best Salon Management System29 vulnerabilities

Mayurik Advocate Office Management System26 vulnerabilities

Mayurik Best Courier Management System19 vulnerabilities

Mayurik Petrol Pump Management16 vulnerabilities

Mayurik Online Tour Travel Management System15 vulnerabilities

Mayurik Best Online News Portal13 vulnerabilities

Mayurik Best Employee Management System12 vulnerabilities

Mayurik Php Task Management System11 vulnerabilities

Mayurik Best Church Management Software10 vulnerabilities

Mayurik Online Tours Travels Management System8 vulnerabilities

Mayurik Free Open Source Inventory Management System6 vulnerabilities

Mayurik Employee Management System5 vulnerabilities

Mayurik Gas Agency Management System3 vulnerabilities

Mayurik Hospital Management System3 vulnerabilities

Mayurik Best Pos Management System3 vulnerabilities

Mayurik Modern Loan Management System2 vulnerabilities

Mayurik Online Student Management System2 vulnerabilities

Mayurik Best Student Result Management System1 vulnerability

Mayurik House Rental Management System1 vulnerability

Mayurik Best Student Management System1 vulnerability

Mayurik Best Pharmacy Billing Software1 vulnerability

Mayurik Best House Rental Management1 vulnerability

Mayurik Best Free Law Office Management1 vulnerability

Mayurik Sacco Management System1 vulnerability

By the Year

In 2026 there have been 0 vulnerabilities in Mayurik. Last year, in 2025 Mayurik had 81 security vulnerabilities published. Right now, Mayurik is on track to have less security vulnerabilities in 2026 than it did last year.

Year Vulnerabilities Average Score
2026 0 0.00
2025 81 8.55
2024 116 7.73
2023 37 8.31

It may take a day or so for new Mayurik vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Mayurik Security Vulnerabilities

CVE Date Vulnerability Products
CVE-2023-53734 Dec 04, 2025
SQLi in Dawa-Pharma 1.0: Unauth Exec Queries (CVE202353734) dawa-pharma-1.0 allows unauthenticated attackers to execute SQL queries on the server, allowing them to access sensitive information and potentially gain administrative access.
Best Pharmacy Billing Software
CVE-2025-9009 Aug 15, 2025
SQLi in Online Tour & Travel Management System 1.0 via /admin/email_setup.php A vulnerability has been found in itsourcecode Online Tour and Travel Management System 1.0. Affected is an unknown function of the file /admin/email_setup.php. The manipulation of the argument Name leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Online Tour Travel Management System
CVE-2025-9010 Aug 15, 2025
SQLi in itsourcecode OTMS 1.0 via /admin/booking_report.php A vulnerability was found in itsourcecode Online Tour and Travel Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/booking_report.php. The manipulation of the argument from_date leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Online Tour Travel Management System
CVE-2025-9008 Aug 15, 2025
SQLi in itsourcecode Online Tour & Travel 1.0: /admin/sms_setting.php A vulnerability was identified in itsourcecode Online Tour and Travel Management System 1.0. This issue affects some unknown processing of the file /admin/sms_setting.php. The manipulation of the argument uname leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Online Tour Travel Management System
CVE-2025-8993 Aug 15, 2025
iSourcecode Online Tour and Travel Management System 1.0 SQLi in /admin/expense_report.php A vulnerability was found in itsourcecode Online Tour and Travel Management System 1.0. This affects an unknown part of the file /admin/expense_report.php. The manipulation of the argument from_date leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Online Tour Travel Management System
CVE-2025-8984 Aug 14, 2025
itsourcecode OTMMS 1.0 – Remote SQLi in expense_category.php A vulnerability has been found in itsourcecode Online Tour and Travel Management System 1.0. Affected is an unknown function of the file /admin/operations/expense_category.php. The manipulation of the argument expense_name leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Online Tour Travel Management System
CVE-2025-8982 Aug 14, 2025
SQLi via curr_code in /admin/operations/currency.php – itsourcecode OTTM 1.0 A vulnerability was determined in itsourcecode Online Tour and Travel Management System 1.0. This vulnerability affects unknown code of the file /admin/operations/currency.php. The manipulation of the argument curr_code leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Online Tour Travel Management System
CVE-2025-8983 Aug 14, 2025
SQLi in itsourcecode Online Tour & Travel MS 1.0 - /admin/operations/expense.php A vulnerability was identified in itsourcecode Online Tour and Travel Management System 1.0. This issue affects some unknown processing of the file /admin/operations/expense.php. The manipulation of the argument expense_for leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Online Tour Travel Management System
CVE-2025-8981 Aug 14, 2025
Remote SQLi in itsourcecode Online Tour & Travel Mgmt 1.0 payment.php A vulnerability was found in itsourcecode Online Tour and Travel Management System 1.0. This affects an unknown part of the file /admin/operations/payment.php. The manipulation of the argument payment_type leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Online Tour Travel Management System
CVE-2025-8972 Aug 14, 2025
itsourcecode Online Tour & Travel 1.0 SQLi via /admin/page-login.php email A vulnerability was identified in itsourcecode Online Tour and Travel Management System 1.0. This issue affects some unknown processing of the file /admin/page-login.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Online Tour Travel Management System
CVE-2025-8968 Aug 14, 2025
Remote SQLi via ID in /admin/disapprove_user.php (itsourcecode OTMS 1.0) A vulnerability was identified in itsourcecode Online Tour and Travel Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/disapprove_user.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Online Tour Travel Management System
CVE-2025-8969 Aug 14, 2025
SQLi in itsourcecode Online Tour & Travel Mgmt Sys 1.0 /admin/approve_user.php A vulnerability has been found in itsourcecode Online Tour and Travel Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/approve_user.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Online Tour Travel Management System
CVE-2025-8970 Aug 14, 2025
SQLi Remote in iSourcecode OT&TM 1.0 booking.php A vulnerability was found in itsourcecode Online Tour and Travel Management System 1.0. This affects an unknown part of the file /admin/operations/booking.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Online Tour Travel Management System
CVE-2025-8971 Aug 14, 2025
SQLi in itsourcecode Online Tour & Travel Mgmt System 1.0 travellers.php A vulnerability was determined in itsourcecode Online Tour and Travel Management System 1.0. This vulnerability affects unknown code of the file /admin/operations/travellers.php. The manipulation of the argument val-username leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Online Tour Travel Management System
CVE-2025-8966 Aug 14, 2025
SQL I in itsourcecode OTMTS 1.0, tax.php A vulnerability was found in itsourcecode Online Tour and Travel Management System 1.0. This issue affects some unknown processing of the file /admin/operations/tax.php. The manipulation of the argument tname leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Online Tour Travel Management System
CVE-2025-8967 Aug 14, 2025
SQLi in itsourcecode Online Tour & Travel Mgmt Sys 1.0 via pname A vulnerability was determined in itsourcecode Online Tour and Travel Management System 1.0. Affected is an unknown function of the file /admin/operations/packages.php. The manipulation of the argument pname leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Online Tour Travel Management System
CVE-2025-7144 Jul 07, 2025
SourceCodester BSMS 1.0 Admin Profile XSS via Admin Name A vulnerability has been found in SourceCodester Best Salon Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /panel/admin-profile.php of the component Admin Profile Page. The manipulation of the argument Admin Name leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Best Salon Management System
CVE-2025-7142 Jul 07, 2025
XSS in SourceCodester Best Salon Mgmt System 1.0 /panel/search-appointment.php A vulnerability, which was classified as problematic, has been found in SourceCodester Best Salon Management System 1.0. Affected by this issue is some unknown functionality of the file /panel/search-appointment.php. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Best Salon Management System
CVE-2025-7143 Jul 07, 2025
SourceCodester Best Salon Management System 1.0 XSS via Tax Name in Update Tax A vulnerability, which was classified as problematic, was found in SourceCodester Best Salon Management System 1.0. This affects an unknown part of the file /panel/edit-tax.php of the component Update Tax Page. The manipulation of the argument Tax Name leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Best Salon Management System
CVE-2025-7141 Jul 07, 2025
SourceCodester Best Salon Mmgt Sys 1.0 - Remote XSS in Update Staff (edit_plan.php) A vulnerability classified as problematic was found in SourceCodester Best Salon Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /panel/edit_plan.php of the component Update Staff Page. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Best Salon Management System
CVE-2025-7140 Jul 07, 2025
XSS in SourceCodester Best Salon Mgmt 1.0 edit-staff.php A vulnerability classified as problematic has been found in SourceCodester Best Salon Management System 1.0. Affected is an unknown function of the file /panel/edit-staff.php of the component Update Staff Page. The manipulation of the argument Staff Name leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Best Salon Management System
CVE-2025-7138 Jul 07, 2025
SourceCodester Best Salon Mgmt Sys 1.0: RSQLi via adminname in /panel/admin-profile.php A vulnerability was found in SourceCodester Best Salon Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /panel/admin-profile.php. The manipulation of the argument adminname leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Best Salon Management System
CVE-2025-7139 Jul 07, 2025
XSS in Best Salon Management System 1.0 Update Customer Details Page A vulnerability was found in SourceCodester Best Salon Management System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /panel/edit-customer-detailed.php of the component Update Customer Details Page. The manipulation of the argument Name leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Best Salon Management System
CVE-2025-7137 Jul 07, 2025
Critical SQLi in SourceCodester Best Salon Mgmt Sys 1.0 /panel/schedule-staff.php A vulnerability was found in SourceCodester Best Salon Management System 1.0. It has been classified as critical. This affects an unknown part of the file /panel/schedule-staff.php. The manipulation of the argument staff_id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Best Salon Management System
CVE-2025-6880 Jun 30, 2025
Critical SQLI in edit-tax.php of SourceCodester Best Salon Management System 1.0 A vulnerability classified as critical has been found in SourceCodester Best Salon Management System 1.0. Affected is an unknown function of the file /panel/edit-tax.php. The manipulation of the argument editid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Best Salon Management System
CVE-2025-6879 Jun 30, 2025
Critical SQLi in Best Salon Management System 1.0 via add-tax.php A vulnerability was found in SourceCodester Best Salon Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /panel/add-tax.php. The manipulation of the argument Name leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Best Salon Management System
CVE-2025-6878 Jun 30, 2025
Critical SQLi in SourceCodester Best Salon Mgmt Sys 1.0 - /panel/search-appointment.php A vulnerability was found in SourceCodester Best Salon Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /panel/search-appointment.php. The manipulation of the argument searchdata leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Best Salon Management System
CVE-2025-6877 Jun 30, 2025
Critical SQLi in SourceCodester BSMS 1.0 via editid in panel/edit-category.php A vulnerability was found in SourceCodester Best Salon Management System 1.0. It has been classified as critical. This affects an unknown part of the file /panel/edit-category.php. The manipulation of the argument editid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Best Salon Management System
CVE-2025-6876 Jun 29, 2025
SourceCodester Best Salon Mgmt 1.0 SQLi via /panel/add-category.php A vulnerability was found in SourceCodester Best Salon Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /panel/add-category.php. The manipulation of the argument Name leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Best Salon Management System
CVE-2025-6875 Jun 29, 2025
SQLi in SC Best Salon Management System 1.0 /panel/edit-subscription.php A vulnerability has been found in SourceCodester Best Salon Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /panel/edit-subscription.php. The manipulation of the argument editid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Best Salon Management System
CVE-2025-6874 Jun 29, 2025
SourceCodester Best Salon Management System 1.0 SQLi via add_subscribe.php A vulnerability, which was classified as critical, was found in SourceCodester Best Salon Management System 1.0. Affected is an unknown function of the file /panel/add_subscribe.php. The manipulation of the argument user_id/plan_id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Best Salon Management System
CVE-2025-6862 Jun 29, 2025
SQLi in SourceCodester Best Salon Management System 1.0 – edit_plan.php via editid (Remote) A vulnerability classified as critical has been found in SourceCodester Best Salon Management System 1.0. Affected is an unknown function of the file /panel/edit_plan.php. The manipulation of the argument editid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Best Salon Management System
CVE-2025-6861 Jun 29, 2025
SQLi in SourceCodester Best Salon Mgmt Sys 1.0 via /panel/add_plan.php A vulnerability was found in SourceCodester Best Salon Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /panel/add_plan.php. The manipulation of the argument plan_name/description/duration_days/price leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Best Salon Management System
CVE-2025-6860 Jun 29, 2025
SourceCodester Best Salon Management Sys 1.0 SQLi in staff_commision.php A vulnerability was found in SourceCodester Best Salon Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /panel/staff_commision.php. The manipulation of the argument fromdate/todate leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Best Salon Management System
CVE-2025-6859 Jun 29, 2025
SourceCodester Best Salon Management System 1.0 Critical SQLi in pro_sale.php A vulnerability was found in SourceCodester Best Salon Management System 1.0. It has been classified as critical. This affects an unknown part of the file /panel/pro_sale.php. The manipulation of the argument fromdate/todate leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Best Salon Management System
CVE-2025-6609 Jun 25, 2025
SQLi in SC Best Salon Mgmt Sys 1.0 via bwdates-reports-details.php A vulnerability was found in SourceCodester Best Salon Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /panel/bwdates-reports-details.php. The manipulation of the argument fromdate/todate leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Best Salon Management System
CVE-2025-6608 Jun 25, 2025
SourceCodester BSM 1.0 SQLi via /panel/edit-services.php A vulnerability has been found in SourceCodester Best Salon Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /panel/edit-services.php. The manipulation of the argument editid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Best Salon Management System
CVE-2025-6605 Jun 25, 2025
Critical SQLi in SourceCodester Best Salon MGMT 1.0 /panel/edit-staff.php A vulnerability classified as critical was found in SourceCodester Best Salon Management System 1.0. This vulnerability affects unknown code of the file /panel/edit-staff.php. The manipulation of the argument editid leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Best Salon Management System
CVE-2025-6606 Jun 25, 2025
SourceCodester Best Salon Mgmt Sys 1.0 SQLi via add-services.php A vulnerability, which was classified as critical, has been found in SourceCodester Best Salon Management System 1.0. This issue affects some unknown processing of the file /panel/add-services.php. The manipulation of the argument Type leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Best Salon Management System
CVE-2025-6607 Jun 25, 2025
SC Best Salon Eng. 1.0: Remote SQLi via /panel/stock.php ID A vulnerability, which was classified as critical, was found in SourceCodester Best Salon Management System 1.0. Affected is an unknown function of the file /panel/stock.php. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Best Salon Management System
CVE-2025-6604 Jun 25, 2025
SQLi in SourceCodester Best Salon Mgmt Sys 1.0 /panel/add-staff.php A vulnerability classified as critical has been found in SourceCodester Best Salon Management System 1.0. This affects an unknown part of the file /panel/add-staff.php. The manipulation of the argument Name leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Best Salon Management System
CVE-2025-6583 Jun 25, 2025
Critical SQLi in SourceCodester Best Salon Management System 1.0 /view-appointment.php A vulnerability, which was classified as critical, was found in SourceCodester Best Salon Management System 1.0. This affects an unknown part of the file /view-appointment.php. The manipulation of the argument viewid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Best Salon Management System
CVE-2025-6582 Jun 25, 2025
SourceCodester Best Salon Mgt Sys 1.0 - SQLi via editid in /edit-cust-dtl.php A vulnerability, which was classified as critical, has been found in SourceCodester Best Salon Management System 1.0. Affected by this issue is some unknown functionality of the file /edit-customer-detailed.php. The manipulation of the argument editid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Best Salon Management System
CVE-2025-6581 Jun 24, 2025
Critical SQLi in SourceCodester Best Salon Mgmt 1.0 /add-customer.php A vulnerability classified as critical was found in SourceCodester Best Salon Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /add-customer.php. The manipulation of the argument name/email/mobilenum/gender/details/dob/marriage_date leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Best Salon Management System
CVE-2025-6580 Jun 24, 2025
SQLi in SourceCodester Best Salon Management 1.0 Login A vulnerability classified as critical has been found in SourceCodester Best Salon Management System 1.0. Affected is an unknown function of the component Login. The manipulation of the argument Username leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Best Salon Management System
CVE-2025-4728 May 15, 2025
SQL Injection in SourceCodester Best Online News Portal 1.0 (search.php) A vulnerability was found in SourceCodester Best Online News Portal 1.0. It has been classified as critical. Affected is an unknown function of the file /search.php. The manipulation of the argument searchtitle leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Best Online News Portal
CVE-2025-44185 May 15, 2025
CSRF in /admin/change_pass.php of SourceCodester BPM System v1.0 SourceCodester Best Employee Management System V1.0 is vulnerable to Cross Site Request Forgery (CSRF) in /admin/change_pass.php via the password parameter.
Best Employee Management System
CVE-2025-44184 May 14, 2025
XSS via /admin/profile.php in SourceCodester Best Employee Mgt System v1.0 SourceCodester Best Employee Management System V1.0 is vulnerable to Cross Site Scripting (XSS) in /admin/profile.php via the website_image, fname, lname, contact, username, and address parameters.
Best Employee Management System
CVE-2025-44186 May 14, 2025
CSRF in /admin/Operation/User.php of Best Employee Mgmt System 1.0 SourceCodester Best Employee Management System 1.0 is vulnerable to Cross Site Request Forgery (CSRF) in /admin/Operation/User.php page.
Best Employee Management System
CVE-2023-44753 Apr 22, 2025
XSS via email param on profile.php in Student Management System v1.0 A stored cross-site scripting (XSS) vulnerability fin Student Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the email parameter on the profile.php page.
Online Student Management System
Built by Foundeo Inc., with data from the National Vulnerability Database (NVD). Privacy Policy. Use of this site is governed by the Legal Terms
Disclaimer
CONTENT ON THIS WEBSITE IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. Always check with your vendor for the most up to date, and accurate information.