PT-2026-36031

A flaw has been found in SourceCodester Pet Grooming Management Software 1.0. This vulnerability affects unknown code of the file /admin/update customer.php. This manipulation of the argument type/length/business parameter validity causes sql injection. The attack is possible to be carried out...

EUVD-2023-34312

Malicious code in bioql PyPI...

EUVD-2023-23414

Malicious code in bioql PyPI...

CVE-2025-6581 SourceCodester Best Salon Management System add-customer.php sql injection

A vulnerability classified as critical was found in SourceCodester Best Salon Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /add-customer.php. The manipulation of the argument name/email/mobilenum/gender/details/dob/marriagedate leads to sql...

SourceCodester Best Salon Management System 注入漏洞

SourceCodester Best Salon Management System is a SourceCodester open source salon management system. SourceCodester Best Salon Management System version 1.0 has an injection vulnerability , the vulnerability stems from the add-customer.php file on the parameters...

CVE-2024-3614

A vulnerability classified as problematic has been found in SourceCodester Warehouse Management System 1.0. This affects an unknown part of the file customer.php. The manipulation of the argument namacustomer/alamatcustomer/notelpcustomer leads to cross site scripting. It is possible to initiate...

CVE-2025-3313

CVE-2025-3313 affects PHPGurukul Men Salon Management System 1.0. The vulnerability is in an unknown function of the file /admin/add-customer.php, where manipulation of the Name parameter leads to SQL injection. It is described as exploitable remotely, with the exploit disclosed publicly. The con...

CVE-2024-3614

A vulnerability classified as problematic has been found in SourceCodester Warehouse Management System 1.0. This affects an unknown part of the file customer.php. The manipulation of the argument namacustomer/alamatcustomer/notelpcustomer leads to cross site scripting. It is possible to initiate...

CVE-2024-3614 SourceCodester Warehouse Management System customer.php cross site scripting

A vulnerability classified as problematic has been found in SourceCodester Warehouse Management System 1.0. This affects an unknown part of the file customer.php. The manipulation of the argument namacustomer/alamatcustomer/notelpcustomer leads to cross site scripting. It is possible to initiate...

CVE-2024-3614 SourceCodester Warehouse Management System customer.php cross site scripting

A vulnerability classified as problematic has been found in SourceCodester Warehouse Management System 1.0. This affects an unknown part of the file customer.php. The manipulation of the argument namacustomer/alamatcustomer/notelpcustomer leads to cross site scripting. It is possible to initiate...

CVE-2023-2864

A vulnerability was found in SourceCodester Online Jewelry Store 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file customer.php of the component POST Parameter Handler. The manipulation of the argument Custid leads to cross site scripting. The...

Cross site scripting

A vulnerability was found in SourceCodester Online Jewelry Store 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file customer.php of the component POST Parameter Handler. The manipulation of the argument Custid leads to cross site scripting. The...

CVE-2023-2864

SourceCodester Online Jewelry Store 1.0 is affected by a Cross-Site Scripting (XSS) vulnerability in the POST Parameter Handler, specifically in customer.php where manipulating the Custid argument can trigger XSS. The issue can be exploited remotely and has been publicly disclosed. The public det...

CVE-2023-1131

A vulnerability has been found in SourceCodester Computer Parts Sales and Inventory System 1.0 and classified as problematic. This vulnerability affects unknown code of the file customer.php. The manipulation of the argument FIRSTNAME/LASTNAME/PHONENUMBER leads to cross site scripting. The attack...

Cross site scripting

A vulnerability has been found in SourceCodester Computer Parts Sales and Inventory System 1.0 and classified as problematic. This vulnerability affects unknown code of the file customer.php. The manipulation of the argument FIRSTNAME/LASTNAME/PHONENUMBER leads to cross site scripting. The attack...

CVE-2023-1131

CVE-2023-1131 affects the SourceCodester Computer Parts Sales and Inventory System 1.0. The vulnerability is a cross-site scripting flaw in the file customer.php , triggered by manipulating the arguments FIRST_NAME/LAST_NAME/PHONE_NUMBER . It can be exploited remotely, and the exploit has been di...

CVE-2023-1131 SourceCodester Computer Parts Sales and Inventory System customer.php cross site scripting

A vulnerability has been found in SourceCodester Computer Parts Sales and Inventory System 1.0 and classified as problematic. This vulnerability affects unknown code of the file customer.php. The manipulation of the argument FIRSTNAME/LASTNAME/PHONENUMBER leads to cross site scripting. The attack...

CVE-2022-4253 SourceCodester Canteen Management System customer.php builtin_echo cross site scripting

A vulnerability was found in SourceCodester Canteen Management System. It has been declared as problematic. This vulnerability affects the function builtinecho of the file customer.php. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been...

PT-2022-25217 · Unknown · Online Banking System

Name of the Vulnerable Software and Affected Versions: Online Banking System version 1.0 Description: A SQL injection issue was found in the Online Banking System. The vulnerability can be exploited via the cust id parameter at the "/net-banking/edit customer.php" API endpoint. Recommendations: F...

FreeSWITCH vBilling SQL Injection

vBilling for FreeSWITCH. http://blaszczakm.blogspot.com/2013/04/vbilling-freeswitch-sqli.html Michal Blaszczak 1 SQL Injection reset password any SIP account file: controllers/customer.php $sql2 = "UPDATE directoryparams SET paramvalue = '".$newpassword."' WHERE directoryid = '".$recordid."' "; 2...