19 matches found
PT-2026-30194
A vulnerability was detected in Investory Toy Planet Trouble App up to 1.5.5 on Android. Impacted is an unknown function of the file assets/google-services-desktop.json of the component app.investory.toyfactory. The manipulation of the argument current key results in use of hard-coded cryptograph...
CRMEB authorization issue vulnerabilities
CRMEB is an open-source Java e-commerce system developed by CRMEB. Versions of CRMEB 5.6.3 and earlier contained a vulnerability related to authorization issues. This vulnerability stemmed from incorrect handling of the parameter ‘uid’ in the component’s JSON Token Handler file,...
CVE-2025-11663
A weakness has been identified in Campcodes Online Beauty Parlor Management System 1.0. The affected element is an unknown function of the file /admin/manage-services.php. Manipulation of the argument sername causes SQL injection. The attack can be initiated remotely. The exploit has been ma...
Beauty Parlour Management System edit-services.php File SQL Injection Vulnerability
Beauty Parlour Management System is a software system for standardizing salon business processes and improving management efficiency. Beauty Parlour Management System suffers from a SQL injection vulnerability, which originates from the lack of validation of externally-entered SQL statements in t...
CVE-2025-9831 PHPGurukul Beauty Parlour Management System edit-services.php sql injection
A weakness has been identified in PHPGurukul Beauty Parlour Management System 1.1. This impacts an unknown function of the file /admin/edit-services.php. Manipulation of the argument sername causes SQL injection. The attack can be carried out remotely. The exploit has been made...
CVE-2025-6908
A vulnerability, which was classified as critical, was found in PHPGurukul Old Age Home Management System 1.0. Affected is an unknown function of the file /admin/edit-services.php. The manipulation of the argument sertitle leads to SQL injection. It is possible to launch the attack remotely. The...
SourceCodester Company Website CMS Security Vulnerability
SourceCodester Company Website CMS is an open source content management system from SourceCodester. A security vulnerability exists in SourceCodester Company Website CMS version 1.0, which stems from the vulnerability of files/dashboard/Services to cross-site scripting attacks...
PHPGurukul Men Salon Management System Security Vulnerability
PHPGurukul Men Salon Management System is a men's salon management system from PHPGurukul Inc. A security vulnerability exists in version 1.0 of the PHPGurukul Men Salon Management System, which is caused by a SQL injection due to an incorrect manipulation of the parameter cost in file...
PT-2025-16891 · Sourcecodester · Sourcecodester Company Website Cms
Name of the Vulnerable Software and Affected Versions: SourceCodester Company Website CMS version 1.0 Description: The issue concerns a file upload vulnerability via the "Create Services" file. This vulnerability can be exploited through the "/dashboard/Services" API endpoint. The Create Services...
PT-2025-15225 · Unknown · Phpgurukul Men Salon Management System
Name of the Vulnerable Software and Affected Versions: PHPGurukul Men Salon Management System version 1.0 Description: A critical issue was discovered in the system, affecting an unknown part of the /admin/add-services.php file. The manipulation of the cost argument leads to SQL injection. It is...
CVE-2024-9193
The WHMpress - WHMCS WordPress Integration Plugin plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 6.3-revision-0 via the whmpressdomainsearchajaxextendedresults function. This makes it possible for unauthenticated attackers to include and execute...
PT-2024-17154 · Unknown · 1000 Projects Beauty Parlour Management System
Name of the Vulnerable Software and Affected Versions: 1000 Projects Beauty Parlour Management System version 1.0 Description: A critical vulnerability was found in the 1000 Projects Beauty Parlour Management System. The issue affects an unknown functionality of the file /admin/edit-services.php...
PT-2024-21988 · Unknown · Campcodes Complete Online Beauty Parlor Management System
Name of the Vulnerable Software and Affected Versions: Campcodes Complete Online Beauty Parlor Management System version 1.0 Description: A critical issue was found in the system, affecting an unknown function of the file /admin/edit-services.php. The manipulation of the editid argument leads to...
PT-2023-26598 · Unknown · Campcodes Beauty Salon Management System
Name of the Vulnerable Software and Affected Versions: Campcodes Beauty Salon Management System version 1.0 Description: A critical issue has been found in the system, affecting the /admin/add-services.php file. The manipulation of the cost argument leads to SQL injection, allowing remote attacks...
PT-2023-26574 · Campcodes · Campcodes Beauty Salon Management System
Name of the Vulnerable Software and Affected Versions: Campcodes Beauty Salon Management System version 1.0 Description: A critical issue was found in the system, affecting the file /admin/edit-services.php. The manipulation of the editid argument leads to SQL injection. The attack can be initiat...
PT-2023-10126 · Unknown · Pylons Horus
Name of the Vulnerable Software and Affected Versions: Pylons horus affected versions not specified Description: A vulnerability was found in Pylons horus, classified as problematic, affecting some unknown functionality of the file horus/flows/local/services.py. The manipulation leads to observab...
U.S. Dept Of Defense: Read-only path traversal (CVE-2020-3452) at https://█████
Summary: I discovered a vulnerability Read-only path traversal CVE-2020-3452 at https://███████ Description: A vulnerability in the web services interface of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote...