Campcodes Online Beauty Parlor Management System add-services.php sql injection

A vulnerability was determined in Campcodes Online Beauty Parlor Management System 1.0. This affects an unknown part of the file /admin/add-services.php. Executing manipulation of the argument sername can lead to sql injection. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized.

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

SQL命令中使用的特殊元素转义处理不恰当(SQL注入)

CampCodes Online Beauty Parlor Management System SQL注入漏洞

CampCodes Online Beauty Parlor Management System是菲律宾CampCodes公司的一个在线美容院管理系统。 Campcodes Online Beauty Parlor Management System 1.0版本存在SQL注入漏洞，该漏洞源于对文件/admin/add-services.php中参数sername的错误操作，可能导致SQL注入攻击。

N/A

N/A