| 제목 | Campcodes Complete Online Beauty Parlor Management System V1.0 Cross Site Scripting |
|---|
| 설명 | A cross-site scripting (XSS) vulnerability exists in the /admin/customer-list.php file of the Complete Online Beauty Parlor Management System. The application fails to properly sanitize or encode the name parameter before reflecting it back into the webpage. As a result, attackers can inject malicious JavaScript payloads that are executed in the victim’s browser once the crafted URL is accessed.
This flaw enables arbitrary script execution within the context of the affected web application, allowing attackers to bypass access controls and manipulate client-side behavior. |
|---|
| 원천 | ⚠️ https://github.com/Abxery/cveee/issues/8 |
|---|
| 사용자 | abxery (UID 91725) |
|---|
| 제출 | 2025. 11. 15. PM 01:27 (7 개월 ago) |
|---|
| 모더레이션 | 2025. 11. 20. PM 06:03 (5 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 333084 [Campcodes Complete Online Beauty Parlor Management System 1.0 /admin/customer-list.php 이름 크로스 사이트 스크립팅] |
|---|
| 포인트들 | 20 |
|---|