39 matches found
CVE-2025-11662
A security flaw has been discovered in SourceCodester Best Salon Management System 1.0. Impacted is an unknown function of the file /booking.php. The manipulation of the argument servid results in sql injection. It is possible to launch the attack remotely. The exploit has been released to the...
SourceCodester Best Salon Management System SQL injection vulnerability
SourceCodester Best Salon Management System is a SourceCodester open source salon management system. SourceCodester Best Salon Management System version 1.0 has a SQL injection vulnerability that stems from improper handling of the parameter servid in the file /booking.php,...
CVE-2025-11615 SourceCodester Best Salon Management System add_invoice.php sql injection
A security flaw has been discovered in SourceCodester Best Salon Management System 1.0. This affects an unknown part of the file /panel/addinvoice.php. Performing manipulation of the argument ServiceId results in sql injection. Remote exploitation of the attack is possible. The exploit has been...
EUVD-2025-19097
Malicious code in bioql PyPI...
EUVD-2025-19501
Malicious code in bioql PyPI...
CVE-2025-7142
A vulnerability, which was classified as problematic, has been found in SourceCodester Best Salon Management System 1.0. Affected by this issue is some unknown functionality of the file /panel/search-appointment.php. The manipulation leads to cross site scripting. The attack may be launched...
CVE-2025-7137
A vulnerability was found in SourceCodester Best Salon Management System 1.0. It has been classified as critical. This affects an unknown part of the file /panel/schedule-staff.php. The manipulation of the argument staffid leads to sql injection. It is possible to initiate the attack remotely. Th...
CVE-2025-7144
A vulnerability has been found in SourceCodester Best Salon Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /panel/admin-profile.php of the component Admin Profile Page. The manipulation of the argument Admin Name leads to cross site...
CVE-2025-7143
CVE-2025-7143 affects SourceCodester Best Salon Management System 1.0, impacting the /panel/edit-tax.php file in the Update Tax Page. The vulnerability is a cross‑site scripting flaw triggered by manipulating the Tax Name parameter, allowing remote initiation. Exploitation is disclosed publicly i...
CVE-2025-7141 SourceCodester Best Salon Management System Update Staff Page edit_plan.php cross site scripting
A vulnerability classified as problematic was found in SourceCodester Best Salon Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /panel/editplan.php of the component Update Staff Page. The manipulation leads to cross site scripting. The attack can be...
CVE-2025-7140 SourceCodester Best Salon Management System Update Staff Page edit-staff.php cross site scripting
A vulnerability classified as problematic has been found in SourceCodester Best Salon Management System 1.0. Affected is an unknown function of the file /panel/edit-staff.php of the component Update Staff Page. The manipulation of the argument Staff Name leads to cross site scripting. It is...
CVE-2025-7139
CVE-2025-7139 affects SourceCodester Best Salon Management System 1.0. The issue resides in the Update Customer Details Page, specifically the /panel/edit-customer-detailed.php file where the Name parameter is manipulated to trigger cross-site scripting. Exploitation can be remote, and public dis...
CVE-2025-7138
CVE-2025-7138 affects SourceCodester Best Salon Management System 1.0. The vulnerability is an SQL injection in the file /panel/admin-profile.php via the manipulated parameter adminname. It is a remote, unauthenticated risk with public exploit disclosure. Multiple scoring references exist (NVD C...
SourceCodester Best Salon Management System code injection vulnerability
SourceCodester Best Salon Management System is a SourceCodester open source salon management system. A code injection vulnerability exists in SourceCodester Best Salon Management System version 1.0, which originates from an incorrect operation of the file /panel/editplan.php and could lead to a...
SourceCodester Best Salon Management System injection vulnerability
SourceCodester Best Salon Management System is a SourceCodester open source salon management system. SourceCodester Best Salon Management System version 1.0 suffers from an injection vulnerability that originates from improper handling of the parameter staffid in the file /panel/schedule-staff.ph...
SourceCodester Best Salon Management System code injection vulnerability
SourceCodester Best Salon Management System is a SourceCodester open source salon management system. A code injection vulnerability exists in version 1.0 of the SourceCodester Best Salon Management System, which originates from an incorrect manipulation of the parameter Staff Name in the file...
PT-2025-28256 · Sourcecodester · Sourcecodester Best Pos Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Best Salon Management System version 1.0 Description: A problematic issue was found in the Update Tax Page component, specifically affecting the /panel/edit-tax.php file. The manipulation of the Tax Name argument leads to...
SourceCodester Best Salon Management System code injection vulnerability
SourceCodester Best Salon Management System is a SourceCodester open source salon management system. A code injection vulnerability exists in version 1.0 of the SourceCodester Best Salon Management System, which stems from an incorrect manipulation of the parameter Tax Name in the file...