Submit #186235: SQL injection vulnerability exists in Beauty Salon Management Systeminfo

Title	SQL injection vulnerability exists in Beauty Salon Management System
Description	SQL injection vulnerability exists in cost parameter of /admin/add-services.php file of Beauty Salon Management System Important user data or system data may be leaked and system security may be compromised The environment is secure and the information can be used by malicious users. Payload: cost=1' AND (SELECT 1139 FROM (SELECT(SLEEP(5)))RYKp) AND 'SQnV'='SQnV&description=1&sername=-1&submit=
Source	⚠️ https://github.com/E1CHO/cve_hub/blob/main/Beauty%20Salon%20Management%20System/Beauty%20Salon%20Management%20System%20-%20vuln%209.pdf
User	SSL_Seven_Security Lab_WangZhiQiang_XiaoZiLong (UID 38936)
Submission	07/23/2023 20:19 (3 years ago)
Moderation	07/24/2023 18:45 (22 hours later)
Status	Accepted
VulDB entry	235239 [Campcodes Beauty Salon Management System 1.0 /admin/add-services.php cost sql injection]
Points	20

Do you want to use VulDB in your project?

Use the official API to access entries easily!