8 matches found
CVE-2025-11615
A security flaw has been discovered in SourceCodester Best Salon Management System 1.0. This affects an unknown part of the file /panel/addinvoice.php. Performing manipulation of the argument ServiceId results in sql injection. Remote exploitation of the attack is possible. The exploit has been...
EUVD-2025-33877
A security flaw has been discovered in SourceCodester Best Salon Management System 1.0. This affects an unknown part of the file /panel/addinvoice.php. Performing manipulation of the argument ServiceId results in sql injection. Remote exploitation of the attack is possible. The exploit has been...
SourceCodester Best Salon Management System SQL注入漏洞
SourceCodester Best Salon Management System is a SourceCodester open source salon management system. SourceCodester Best Salon Management System version 1.0 has a SQL injection vulnerability, the vulnerability stems from the incorrect operation of the parameter ServiceId in the file...
PT-2025-41701
Name of the Vulnerable Software and Affected Versions SourceCodester Best Salon Management System version 1.0 Description A security flaw exists in SourceCodester Best Salon Management System 1.0. The issue is a SQL injection affecting an unknown part of the file /panel/add invoice.php...
KWHotel 安全漏洞
KWHotel is a hotel software for desktop, web and mobile devices from KWHotel, Inc. A security vulnerability exists in KWHotel version 0.47, which stems from a CSV formula injection in the Add Invoice feature...
CVE-2012-4932
Multiple cross-site scripting XSS vulnerabilities in SimpleInvoices before stable-2012-1-CIS3000 allow remote attackers to inject arbitrary web script or HTML via 1 the having parameter in a manage action to index.php; 2 the Email field in an Add User action; 3 the Customer Name field in an Add...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in SimpleInvoices before stable-2012-1-CIS3000 allow remote attackers to inject arbitrary web script or HTML via 1 the having parameter in a manage action to index.php; 2 the Email field in an Add User action; 3 the Customer Name field in an Add...
CVE-2012-4932
Multiple cross-site scripting XSS vulnerabilities in SimpleInvoices before stable-2012-1-CIS3000 allow remote attackers to inject arbitrary web script or HTML via 1 the having parameter in a manage action to index.php; 2 the Email field in an Add User action; 3 the Customer Name field in an Add...