8 matches found
CVE-2026-0730
A flaw has been found in PHPGurukul Staff Leave Management System 1.0. The affected element is the function ADD_STAFF/UPDATE_STAFF of the file /staffleave/slms/slms/adminviews.py of the component SVG File Handler. Executing a manipulation of the argument profile_pic can lead to cross site scripting...
EUVD-2026-1658
A flaw has been found in PHPGurukul Staff Leave Management System 1.0. The affected element is the function ADD_STAFF/UPDATE_STAFF of the file /staffleave/slms/slms/adminviews.py of the component SVG File Handler. Executing a manipulation of the argument profile_pic can lead to cross site scripting...
CVE-2026-0730
PHPGurukul Staff Leave Management System 1.0 is affected by a cross-site scripting vulnerability in the SVG File Handler, specifically the ADD_STAFF/UPDATE_STAFF function in /staffleave/slms/slms/adminviews.py. Manipulating the profile_pic argument can trigger XSS, with remote exploitation report...
PT-2026-1980
Name of the Vulnerable Software and Affected Versions: PHPGurukul Staff Leave Management System version 1.0 Description: A flaw exists in PHPGurukul Staff Leave Management System 1.0 related to cross-site scripting. The issue is located in the ADD_STAFF/UPDATE_STAFF function within the...
CVE-2025-7141 SourceCodester Best Salon Management System Update Staff Page edit_plan.php cross site scripting
A vulnerability classified as problematic was found in SourceCodester Best Salon Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /panel/edit_plan.php of the component Update Staff Page. The manipulation leads to cross site scripting. The attack can be...
CVE-2025-7140 SourceCodester Best Salon Management System Update Staff Page edit-staff.php cross site scripting
A vulnerability classified as problematic has been found in SourceCodester Best Salon Management System 1.0. Affected is an unknown function of the file /panel/edit-staff.php of the component Update Staff Page. The manipulation of the argument Staff Name leads to cross site scripting. It is...
CVE-2025-7140 SourceCodester Best Salon Management System Update Staff Page edit-staff.php cross site scripting
A vulnerability classified as problematic has been found in SourceCodester Best Salon Management System 1.0. Affected is an unknown function of the file /panel/edit-staff.php of the component Update Staff Page. The manipulation of the argument Staff Name leads to cross site scripting. It is...
PT-2025-28252 · Sourcecodester · Sourcecodester Best Pos Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Best Salon Management System version 1.0 Description: A problematic issue was found in the Update Staff Page component, specifically in the /panel/edit_plan.php file, allowing for cross-site scripting. This can be exploited...