16 matches found
Beauty Parlour Management System new-appointment.php File SQL Injection Vulnerability
Beauty Parlour Management System is an application system. Beauty Parlour Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter delid in the file /admin/new-appointment.php. An attacker can...
CVE-2025-11505
A vulnerability was identified in PHPGurukul Beauty Parlour Management System 1.1. Impacted is an unknown function of the file /admin/new-appointment.php. The manipulation of the argument delid leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicly availab...
CVE-2025-11505
A vulnerability was identified in PHPGurukul Beauty Parlour Management System 1.1. Impacted is an unknown function of the file /admin/new-appointment.php. The manipulation of the argument delid leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicly availab...
CVE-2025-11505
A vulnerability was identified in PHPGurukul Beauty Parlour Management System 1.1. Impacted is an unknown function of the file /admin/new-appointment.php. The manipulation of the argument delid leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicly availab...
CVE-2025-11505 PHPGurukul Beauty Parlour Management System new-appointment.php sql injection
A vulnerability was identified in PHPGurukul Beauty Parlour Management System 1.1. Impacted is an unknown function of the file /admin/new-appointment.php. The manipulation of the argument delid leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicly availab...
CVE-2025-11505 PHPGurukul Beauty Parlour Management System new-appointment.php sql injection
A vulnerability was identified in PHPGurukul Beauty Parlour Management System 1.1. Impacted is an unknown function of the file /admin/new-appointment.php. The manipulation of the argument delid leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicly availab...
CVE-2025-11505
PHPGurukul Beauty Parlour Management System 1.1 is affected by a SQL injection in /admin/new-appointment.php via the delid parameter. Exploitation appears remotely and publicly available; multiple sources (CNVD, RH, CNNVD, CVE records, PT-2025-41310) describe the issue and indicate no current pub...
EUVD-2025-33279
A vulnerability was identified in PHPGurukul Beauty Parlour Management System 1.1. Impacted is an unknown function of the file /admin/new-appointment.php. The manipulation of the argument delid leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicly availab...
PHPGurukul Beauty Parlour Management System SQL注入漏洞
Beauty Parlour Management System is an application system. Beauty Parlour Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter delid in the file /admin/new-appointment.php. An attacker can...
PT-2025-41310
Name of the Vulnerable Software and Affected Versions PHPGurukul Beauty Parlour Management System version 1.1 Description A flaw exists in PHPGurukul Beauty Parlour Management System version 1.1, specifically within the file /admin/new-appointment.php. Manipulation of the delid argument can lead ...
EUVD-2016-2317
Malware in sbrugna...
Cross site scripting
Cross-site scripting XSS vulnerability in the "New appointment" function in Cybozu Garoon before 4.2.2...
CVE-2016-1216
Cross-site scripting XSS vulnerability in the "New appointment" function in Cybozu Garoon before 4.2.2...
CVE-2016-1216
Cross-site scripting XSS vulnerability in the "New appointment" function in Cybozu Garoon before 4.2.2...
"New appointment" function in Cybozu Garoon vulnerable to cross-site scripting
Overview Cybozu Garoon provided by Cybozu,Inc. is a groupware. "New appointment" function in Cybozu Garoon contains a cross-site scripting vulnerability. Cybozu, Inc. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and Cybozu, Inc. coordinated under...
CVE-2010-2718
Multiple cross-site scripting XSS vulnerabilities in CruxSoftware CruxPA 2.00, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the 1 txtusername parameter to login.php, 2 todo parameter to newtodo.php, and unspecified vectors to 3 newtelephone.php and 4...