SQL Injection Vulnerability in SourceCodester Pet Grooming Management Software
CVE-2025-60316

9.4CRITICAL

Key Information:

Vendor

SourceCodester
Status
Pet Grooming Management Software
Vendor
CVE Published:
9 October 2025

What is CVE-2025-60316?

The SourceCodester Pet Grooming Management Software version 1.0 contains a SQL Injection vulnerability that can be exploited through the ID parameter in the admin/view_customer.php file. Attackers can leverage this flaw to execute arbitrary SQL queries, potentially leading to unauthorized access to sensitive data stored in the database. This vulnerability underscores the importance of implementing proper input validation and securing database queries to protect user information.

References

https://www.youtube.com/watch?v=KopMozY6X5w&t=191s&ab_cha...
https://github.com/ChuckBartowski7/Vulnerability-Research...

CVSS V3.1

Score:
9.4
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.
CVE-2025-60316 : SQL Injection Vulnerability in SourceCodester Pet Grooming Management Software