8 matches found
CVE-2024-2768
Campcodes Complete Online Beauty Parlor Management System 1.0 contains a SQL injection vulnerability in the /admin/edit-services.php file via the editid parameter. The issue affects an unknown function within that file and can be exploited remotely; public exploits have been disclosed. Multiple c...
CVE-2024-2769
CVE-2024-2769 affects Campcodes Complete Online Beauty Parlor Management System 1.0. The vulnerability is a SQL injection in the admin-profile.php file, triggered by manipulating the adminname/email parameter in the /admin/admin-profile.php path. Public exploitation is indicated, with exploit mat...
CVE-2024-2770
CVE-2024-2770 affects Campcodes Complete Online Beauty Parlor Management System 1.0. The vulnerability exists in the file /admin/contact-us.php where the email parameter is coerced into an SQL query, enabling an SQL injection. Descriptions across sources indicate remote attack potential with publ...
CVE-2024-2767
CVE-2024-2767 affects Campcodes Complete Online Beauty Parlor Management System 1.0. The vulnerability is a SQL injection in the /admin/forgot-password.php file caused by unsafely manipulating the email parameter. It can be triggered remotely and exploitation has been disclosed publicly. Connecte...
CVE-2024-2766
Campcodes Complete Online Beauty Parlor Management System 1.0 is affected by a SQL injection vulnerability in the /admin/index.php file, caused by unsafely handling the username parameter. The issue can be exploited remotely and has been publicly disclosed. Several connected sources (including Re...
CVE-2025-14989
CVE-2025-14989 concerns Campcodes Complete Online Beauty Parlor Management System v1.0, with a SQL injection vulnerability in /admin/search-invoices.php caused by unvalidated SQL processing. Multiple connected sources (CNVD-2026-05331, RH:CVE-2025-14989, CNNVD-2025-14989, NVD/CVE-2025-14989, CVEL...
CVE-2025-14991
The CVE-2025-14991 entry relates to Campcodes Complete Online Beauty Parlor Management System 1.0. The vulnerability is a cross-site scripting (XSS) in the /admin/bwdates-reports-details.php file, triggered by manipulating the fromdate parameter due to an unknown function that mishandles user inp...
CVE-2025-14990
The CVE-2025-14990 issue affects Campcodes Complete Online Beauty Parlor Management System 1.0. The vulnerability is an SQL injection in the file /admin/view-appointment.php, caused by manipulation of the viewid parameter in an unknown function. The attack can be performed remotely, and public ex...