16 matches found
Beauty Parlour Management System new-appointment.php File SQL Injection Vulnerability
Beauty Parlour Management System is an application system. Beauty Parlour Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter delid in the file /admin/new-appointment.php. An attacker can...
CVE-2025-11505
A vulnerability was identified in PHPGurukul Beauty Parlour Management System 1.1. Impacted is an unknown function of the file /admin/new-appointment.php. The manipulation of the argument delid leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicly availab...
CVE-2025-11505
A vulnerability was identified in PHPGurukul Beauty Parlour Management System 1.1. Impacted is an unknown function of the file /admin/new-appointment.php. The manipulation of the argument delid leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicly availab...
CVE-2025-11505
A vulnerability was identified in PHPGurukul Beauty Parlour Management System 1.1. Impacted is an unknown function of the file /admin/new-appointment.php. The manipulation of the argument delid leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicly availab...
CVE-2025-11505 PHPGurukul Beauty Parlour Management System new-appointment.php sql injection
A vulnerability was identified in PHPGurukul Beauty Parlour Management System 1.1. Impacted is an unknown function of the file /admin/new-appointment.php. The manipulation of the argument delid leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicly availab...
EUVD-2025-33279
A vulnerability was identified in PHPGurukul Beauty Parlour Management System 1.1. Impacted is an unknown function of the file /admin/new-appointment.php. The manipulation of the argument delid leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicly availab...
CVE-2025-11505 PHPGurukul Beauty Parlour Management System new-appointment.php sql injection
A vulnerability was identified in PHPGurukul Beauty Parlour Management System 1.1. Impacted is an unknown function of the file /admin/new-appointment.php. The manipulation of the argument delid leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicly availab...
CVE-2025-11505
PHPGurukul Beauty Parlour Management System 1.1 is affected by a SQL injection in /admin/new-appointment.php via the delid parameter. Exploitation appears remotely and publicly available; multiple sources (CNVD, RH, CNNVD, CVE records, PT-2025-41310) describe the issue and indicate no current pub...
PT-2025-41310
Name of the Vulnerable Software and Affected Versions PHPGurukul Beauty Parlour Management System version 1.1 Description A flaw exists in PHPGurukul Beauty Parlour Management System version 1.1, specifically within the file /admin/new-appointment.php. Manipulation of the delid argument can lead ...
PHPGurukul Beauty Parlour Management System SQL注入漏洞
Beauty Parlour Management System is an application system. Beauty Parlour Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter delid in the file /admin/new-appointment.php. An attacker can...
EUVD-2016-2317
Malware in sbrugna...
CVE-2016-1216
Cross-site scripting XSS vulnerability in the "New appointment" function in Cybozu Garoon before 4.2.2...
Cross site scripting
Cross-site scripting XSS vulnerability in the "New appointment" function in Cybozu Garoon before 4.2.2...
CVE-2016-1216
Cross-site scripting XSS vulnerability in the "New appointment" function in Cybozu Garoon before 4.2.2...
"New appointment" function in Cybozu Garoon vulnerable to cross-site scripting
Overview Cybozu Garoon provided by Cybozu,Inc. is a groupware. "New appointment" function in Cybozu Garoon contains a cross-site scripting vulnerability. Cybozu, Inc. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and Cybozu, Inc. coordinated under...
CVE-2010-2718
Multiple cross-site scripting XSS vulnerabilities in CruxSoftware CruxPA 2.00, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the 1 txtusername parameter to login.php, 2 todo parameter to newtodo.php, and unspecified vectors to 3 newtelephone.php and 4...