24 matches found
EUVD-2023-30569
Malicious code in bioql PyPI...
CVE-2025-9831
A weakness has been identified in PHPGurukul Beauty Parlour Management System 1.1. This impacts an unknown function of the file /admin/edit-services.php. Manipulation of the argument sername causes SQL injection. The attack can be carried out remotely. The exploit has been made...
CVE-2024-11646 1000 Projects Beauty Parlour Management System edit-services.php sql injection
A vulnerability classified as critical was found in 1000 Projects Beauty Parlour Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/edit-services.php. The manipulation of the argument sername leads to sql injection. The attack can be launched...
CVE-2024-36840
SQL Injection vulnerability in Boelter Blue System Management v.1.3 allows a remote attacker to execute arbitrary code and obtain sensitive information via the id parameter to newsdetails.php and locationdetails.php; and the section parameter to services.php...
CVE-2024-2768 Campcodes Complete Online Beauty Parlor Management System edit-services.php sql injection
A vulnerability was found in Campcodes Complete Online Beauty Parlor Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/edit-services.php. The manipulation of the argument editid leads to sql injection. It is possible to launch the attack...
Cross site scripting
A vulnerability has been found in Online Banquet Booking System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /book-services.php of the component Service Booking. The manipulation of the argument message leads to cross site scripting. Th...
CVE-2023-3877 Campcodes Beauty Salon Management System add-services.php sql injection
A vulnerability was found in Campcodes Beauty Salon Management System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/add-services.php. The manipulation of the argument cost leads to sql injection. It is possible to initiate the attack remotely. The exploi...
Monitorr 1.7.6 Cross Site Scripting
Exploit Title: Monitorr v1.7.6 - Cross Site Scripting; CVE: CVE-2023-26776; Exploit Author: Achuth V P retrymp3; Date: February 09, 2023; Vendor Homepage: https://github.com/Monitorr/; Software Link: https://github.com/Monitorr/Monitorr; Tested on: Ubuntu; Version: v1.7.6; Exploit Description: Cross Site...
PT-2023-20791 · Monitorr · Monitorr
Name of the Vulnerable Software and Affected Versions: Monitorr version 1.7.6. Description: A Cross Site Scripting issue allows a remote attacker to execute arbitrary code via the title parameter of the "post receiver-services.php" file. This enables the attacker to inject malicious scripts into t...
CVE-2021-27544
Cross Site Scripting (XSS) in the "add-services.php" component of PHPGurukul Beauty Parlour Management System v1.0 allows remote attackers to execute arbitrary code by injecting arbitrary HTML into the "sername" parameter...
SQL injection
SQL Injection in the "add-services.php" component of PHPGurukul Beauty Parlour Management System v1.0 allows remote attackers to obtain sensitive database information by injecting SQL commands into the "sername" parameter...
CVE-2021-27545
SQL Injection in the "add-services.php" component of PHPGurukul Beauty Parlour Management System v1.0 allows remote attackers to obtain sensitive database information by injecting SQL commands into the "sername" parameter...
CVE-2021-27544
CVE-2021-27544 describes a cross-site scripting vulnerability in the PHPGurukul Beauty Parlour Management System v1.0, specifically in the add-services.php component where the parameter “sername” can be injected with arbitrary HTML to execute code remotely. The vulnerability is confirmed across m...
CVE-2019-15029
FusionPBX 4.4.8 allows an attacker to execute arbitrary system commands by submitting a malicious command to the serviceedit.php file which will insert the malicious command into the database. To trigger the command, one needs to call the services.php file via a GET request with the service id...
porsche-torque.co.uk XSS vulnerability
Open Bug Bounty ID: OBB-676756; Affected Website: porsche-torque.co.uk; Vulnerable Application: Custom Code; Vulnerability Type: XSS (Cross Site Scripting) / CWE-79; CVSSv3 Score: 6.1...
swissmanagementforum.com XSS vulnerability
Vulnerable URL: http://www.swissmanagementforum.com/europe-services.php?id=1"alert/OPENBUGBOUNTY/...
mhcf.com XSS vulnerability
Vulnerable URL: http://www.mhcf.com/services.php?id=1"';-- Details: Patched: No; Latest check for patch: 28.07.2017; Vulnerability type: XSS; Vulnerability status: Publicly disclosed; Alexa Rank: Unknown / Not calculated; VIP website status: No; Check mhcf.com SSL...
acme.in XSS vulnerability
Vulnerable URL: https://www.acme.in/services.php?id=6%27%22--!%3E%3C/Title/%3E%3CSvg%20/Onload=confirmopenbugbounty%3E Details: Patched: No; Latest check for patch: 30.07.2017; Vulnerability type: XSS; Vulnerability status: Publicly disclosed; Alexa Rank: 776499; VIP...
jansenlegal.be XSS vulnerability
Vulnerable URL: http://www.jansenlegal.be/EN/services.php?cat=fondations" Details: Patched: No; Latest check for patch: 27.07.2017; Vulnerability type: XSS; Vulnerability status: Publicly disclosed; Alexa Rank: Unknown / Not calculated; VIP website status: No; Check...