7 matches found
CVE-2025-13484
CVE-2025-13484 affects Campcodes Complete Online Beauty Parlor Management System 1.0, in the file /admin/customer-list.php. The vulnerability is a cross-site scripting flaw caused by manipulation of the Name parameter due to insufficient input filtering/escaping, allowing execution of arbitrary w...
Beauty Parlour Management System customer-list.php File SQL Injection Vulnerability
Beauty Parlour Management System is an application system. Beauty Parlour Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter delid in the file /admin/customer-list.php. An attacker can...
CVE-2023-49974
A cross-site scripting XSS vulnerability in Customer Support System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the contact parameter at /customersupport/index.php?page=customerlist...
CVE-2023-49973
A cross-site scripting XSS vulnerability in Customer Support System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the email parameter at /customersupport/index.php?page=customerlist...
CVE-2023-49973
A cross-site scripting XSS vulnerability in Customer Support System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the email parameter at /customersupport/index.php?page=customerlist...
PT-2023-31431 · Unknown · Customer Support System
Name of the Vulnerable Software and Affected Versions: Customer Support System version v1 Description: A cross-site scripting XSS issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the firstname parameter at "/customer support/index.php?page=custom...
PT-2023-31432 · Unknown · Customer Support System
Name of the Vulnerable Software and Affected Versions: Customer Support System version v1 Description: A cross-site scripting XSS issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the email parameter at "/customer support/index.php?page=customer...