Lucene search
K

7 matches found

CVE
CVE
added 2025/11/20 10:32 p.m.15 views

CVE-2025-13484

CVE-2025-13484 affects Campcodes Complete Online Beauty Parlor Management System 1.0, in the file /admin/customer-list.php. The vulnerability is a cross-site scripting flaw caused by manipulation of the Name parameter due to insufficient input filtering/escaping, allowing execution of arbitrary w...

6.1CVSS3.3AI score0.00216EPSS
Exploits1References5Affected Software1
CNVD
CNVD
added 2025/10/13 12:0 a.m.3 views

Beauty Parlour Management System customer-list.php File SQL Injection Vulnerability

Beauty Parlour Management System is an application system. Beauty Parlour Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter delid in the file /admin/customer-list.php. An attacker can...

9.8CVSS8.3AI score0.00384EPSS
Exploits1References1
OSV
OSV
added 2024/03/06 1:15 a.m.3 views

CVE-2023-49974

A cross-site scripting XSS vulnerability in Customer Support System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the contact parameter at /customersupport/index.php?page=customerlist...

6.1CVSS5.9AI score0.0045EPSS
Exploits1References2
OSV
OSV
added 2024/03/06 1:15 a.m.4 views

CVE-2023-49973

A cross-site scripting XSS vulnerability in Customer Support System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the email parameter at /customersupport/index.php?page=customerlist...

6.1CVSS5.9AI score0.0045EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2024/03/06 1:15 a.m.19 views

CVE-2023-49973

A cross-site scripting XSS vulnerability in Customer Support System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the email parameter at /customersupport/index.php?page=customerlist...

6.1CVSS6AI score0.0045EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2023/12/20 12:0 a.m.6 views

PT-2023-31431 · Unknown · Customer Support System

Name of the Vulnerable Software and Affected Versions: Customer Support System version v1 Description: A cross-site scripting XSS issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the firstname parameter at "/customer support/index.php?page=custom...

6.1CVSS6AI score0.00433EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2023/12/20 12:0 a.m.4 views

PT-2023-31432 · Unknown · Customer Support System

Name of the Vulnerable Software and Affected Versions: Customer Support System version v1 Description: A cross-site scripting XSS issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the email parameter at "/customer support/index.php?page=customer...

6.1CVSS6.1AI score0.0045EPSS
Exploits1References7
Rows per page
Query Builder