Campcodes Complete Online Beauty Parlor Management System view-appointment.php sql injection

6.9 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

Description

A security flaw has been discovered in Campcodes Complete Online Beauty Parlor Management System 1.0. Impacted is an unknown function of the file /admin/view-appointment.php. Performing manipulation of the argument viewid results in sql injection. The attack may be initiated remotely. The exploit has been released to the public and may be exploited.

Basic Information

ID CVE-2025-14990

Source VulDB

Published Dec 21, 2025 at 03:02

Affected Product

Vendor Campcodes

Product Complete Online Beauty Parlor Management System

Version 1.0

Affected Versions Campcodes Complete Online Beauty Parlor Management System 1.0

CWE Classification

CWE-89 CWE-74

References

{
    "lastseen": "",
    "description": "A security flaw has been discovered in Campcodes Complete Online Beauty Parlor Management System 1.0. Impacted is an unknown function of the file /admin/view-appointment.php. Performing manipulation of the argument viewid results in sql injection. The attack may be initiated remotely. The exploit has been released to the public and may be exploited.",
    "published": "2025-12-21T03:02:06.319Z",
    "modified": "2025-12-21T03:02:06.319Z",
    "type": "cve",
    "title": "Campcodes Complete Online Beauty Parlor Management System view-appointment.php sql injection",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.337684\nhttps://vuldb.com/?ctiid.337684\nhttps://vuldb.com/?submit.718453\nhttps://github.com/funnnxxx/my-cve/issues/2\nhttps://www.campcodes.com/",
    "id": "CVE-2025-14990",
    "bulletinFamily": "",
    "cwe": [
        "CWE-89",
        "CWE-74"
    ],
    "cvelist": null,
    "sourceData": "Campcodes Complete Online Beauty Parlor Management System 1.0",
    "sourceHref": "",
    "cvss": {
        "score": 6.9,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Complete Online Beauty Parlor Management System",
    "version": "1.0",
    "vendor": "Campcodes",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Campcodes Complete Online Beauty Parlor Management System view-appointment.php sql injection_CVE-2025-14990