10 matches found
CVE-2025-10806
CVE-2025-10806 affects Campcodes Online Beauty Parlor Management System v1.0. The vulnerability is a SQL injection in /admin/bwdates-reports-details.php caused by improper handling of the fromdate/todate parameters, allowing remote attackers to manipulate queries. Public exploit exists; exploitat...
CVE-2025-10804
CVE-2025-10804 impacts Campcodes Online Beauty Parlor Management System 1.0, specifically the file /admin/add-customer.php. The vulnerability arises from manipulation of the mobilenum parameter, leading to a SQL injection. It is exploitable remotely and the exploit is public. Various sources rate...
CVE-2025-10825
CVE-2025-10825 affects Campcodes Online Beauty Parlor Management System 1.0. The vulnerability occurs in the file /admin/view-appointment.php via manipulation of the viewid parameter, leading to SQL injection. Exploitation can be carried out remotely, and public PoCs are referenced across sources...
CVE-2025-10805
The CVE-2025-10805 entry affects Campcodes Online Beauty Parlor Management System v1.0. A SQL injection exists in the /admin/add-services.php file caused by manipulating the parameter sername. This vulnerability is remotely exploitable and has publicly disclosed exploits. Based on the sources, th...
CVE-2025-10807
CVE-2025-10807 affects Campcodes Online Beauty Parlor Management System v1.0. The vulnerability is an SQL injection caused by improper handling of the “editid” parameter in the file /admin/edit-customer-detailed.php, enabling remote exploitation. Public exploits have been released. Multiple sourc...
CVE-2025-10826
CVE-2025-10826 affects Campcodes Online Beauty Parlor Management System v1.0. The vulnerability resides in /admin/sales-reports-detail.php where manipulating the fromdate/todate parameters enables SQL injection. The issue is exploitable remotely and public exploits exist. Connected sources corrob...
CVE-2025-13484
CVE-2025-13484 affects Campcodes Complete Online Beauty Parlor Management System 1.0, in the file /admin/customer-list.php. The vulnerability is a cross-site scripting flaw caused by manipulation of the Name parameter due to insufficient input filtering/escaping, allowing execution of arbitrary w...
CVE-2025-11664
Campcodes Online Beauty Parlor Management System 1.0 is affected. The vulnerability is a SQL injection in the /admin/search-appointment.php file, caused by manipulation of the searchdata argument in an unknown function. It is a network-based issue (remote exploitation) with publicly disclosed exp...
CVE-2025-11663
CVE-2025-11663 affects Campcodes Online Beauty Parlor Management System 1.0. The vulnerability is a SQL injection in the /admin/manage-services.php file caused by manipulation of the sername parameter. It can be triggered remotely and public exploit code exists. Affected software is Campcodes’ we...
CVE-2025-15188
CVE-2025-15188 affects Campcodes Complete Online Beauty Parlor Management System 1.0. The vulnerability is a cross-site scripting flaw in the file /admin/search-invoices.php triggered by manipulating the searchdata parameter. It can be exploited remotely, and multiple sources indicate the exploit...