Dimitri Grassi Salon Booking System vulnerabilities
6 known vulnerabilities affecting dimitri_grassi/salon_booking_system.
Total CVEs
6
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH4MEDIUM1UNKNOWN1
Vulnerabilities
Page 1 of 1
CVE-2025-67954MEDIUMCVSS 6.5≤ 10.30.32026-01-22
CVE-2025-67954 [MEDIUM] CWE-497 CVE-2025-67954: Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Dimitri
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Dimitri Grassi Salon booking system salon-booking-system allows Retrieve Embedded Sensitive Data.This issue affects Salon booking system: from n/a through <= 10.30.3.
cvelistv5nvd
CVE-2025-66531HIGHCVSS 8.8≤ 10.30.32025-12-09
CVE-2025-66531 [HIGH] CWE-352 CVE-2025-66531: Cross-Site Request Forgery (CSRF) vulnerability in Dimitri Grassi Salon booking system salon-booking
Cross-Site Request Forgery (CSRF) vulnerability in Dimitri Grassi Salon booking system salon-booking-system allows Cross Site Request Forgery.This issue affects Salon booking system: from n/a through <= 10.30.3.
cvelistv5nvd
CVE-2025-47583UNKNOWN≤ 10.162025-05-19
CVE-2025-47583 CWE-352 CVE-2025-47583: Cross-Site Request Forgery (CSRF) vulnerability in Dimitri Grassi Salon booking system salon-booking
Cross-Site Request Forgery (CSRF) vulnerability in Dimitri Grassi Salon booking system salon-booking-system allows Cross Site Request Forgery.This issue affects Salon booking system: from n/a through <= 10.16.
cvelistv5nvd
CVE-2025-32220HIGHCVSS 8.8≤ 10.30.232025-04-04
CVE-2025-32220 [HIGH] CWE-862 CVE-2025-32220: Missing Authorization vulnerability in Dimitri Grassi Salon booking system salon-booking-system allo
Missing Authorization vulnerability in Dimitri Grassi Salon booking system salon-booking-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Salon booking system: from n/a through <= 10.30.23.
cvelistv5nvd
CVE-2025-31560HIGHCVSS 7.2≤ 10.152025-04-01
CVE-2025-31560 [HIGH] CWE-266 CVE-2025-31560: Incorrect Privilege Assignment vulnerability in Dimitri Grassi Salon booking system salon-booking-sy
Incorrect Privilege Assignment vulnerability in Dimitri Grassi Salon booking system salon-booking-system allows Privilege Escalation.This issue affects Salon booking system: from n/a through < 10.15.
cvelistv5nvd
CVE-2024-47316HIGHCVSS 8.8≤ 10.92024-10-05
CVE-2024-47316 [HIGH] CWE-639 CVE-2024-47316: Authorization Bypass Through User-Controlled Key vulnerability in Dimitri Grassi Salon booking syste
Authorization Bypass Through User-Controlled Key vulnerability in Dimitri Grassi Salon booking system salon-booking-system.This issue affects Salon booking system: from n/a through <= 10.9.
cvelistv5nvd