CVE-2025-13484
LOWCampcodes Online Beauty Parlor Management System - Code Injection
Title source: ruleDescription
A vulnerability was identified in Campcodes Complete Online Beauty Parlor Management System 1.0. This vulnerability affects unknown code of the file /admin/customer-list.php. The manipulation of the argument Name leads to cross site scripting. The attack may be initiated remotely. The exploit is publicly available and might be used.
References (5)
Scores
CVSS v3
2.4
EPSS
0.0004
EPSS Percentile
13.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N
Classification
CWE
CWE-94
CWE-79
Status
published
Affected Products (1)
campcodes/online_beauty_parlor_management_system
Timeline
Published
Nov 20, 2025
Tracked Since
Feb 18, 2026