CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2025-2386 – PHPGurukul Local Services Search Engine Management System serviceman-search.php sql injection
https://notcve.org/view.php?id=CVE-2025-2386
17 Mar 2025 — A vulnerability was found in PHPGurukul Local Services Search Engine Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /serviceman-search.php. The manipulation of the argument location leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/aionman/cve/issues/7 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-28000
https://notcve.org/view.php?id=CVE-2021-28000
19 Aug 2021 — A persistent cross-site scripting vulnerability was discovered in Local Services Search Engine Management System Project 1.0 which allows remote attackers to execute arbitrary code via crafted payloads entered into the Name and Address fields. Se ha detectado una vulnerabilidad de tipo cross-site scripting persistente en Local Services Search Engine Management System Project versión 1.0, que permite a atacantes remotos ejecutar código arbitrario por medio de cargas útiles diseñadas que se introducen en los ... • https://tusharvaidya16.medium.com/local-services-search-engine-management-system-project-lssmes-1-0-af2cae7cbbf • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0CVE-2021-27999
https://notcve.org/view.php?id=CVE-2021-27999
19 Aug 2021 — A SQL injection vulnerability was discovered in the editid parameter in Local Services Search Engine Management System Project 1.0. This vulnerability gives admin users the ability to dump all data from the database. Se ha detectado una vulnerabilidad de inyección SQL en el parámetro editid en Local Services Search Engine Management System Project versión 1.0. Esta vulnerabilidad da a usuarios administradores la habilidad de volcar todos los datos de la base de datos. • https://medium.com/%40tusharvaidya16/authenticated-blind-error-based-sql-injection-on-local-services-search-engine-management-system-3e99779f0850 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 4CVE-2021-3278 – Local Service Search Engine Management System 1.0 - SQLi Authentication Bypass
https://notcve.org/view.php?id=CVE-2021-3278
02 Dec 2020 — Local Service Search Engine Management System 1.0 has a vulnerability through authentication bypass using SQL injection . Using this vulnerability, an attacker can bypass the login page. Local Service Search Engine Management System versión 1.0, presenta una vulnerabilidad debido a una omisión de autenticación usando una inyección SQL. Con esta vulnerabilidad, un atacante puede omitir la página de inicio de sesión Local Service Search Engine Management System version 1.0 suffers from a remote SQL injec... • https://packetstorm.news/files/id/160315 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •