CVE-2023-3695: Campcodes Beauty Salon Management System add-product.php sql injection
First published: Mon Jul 17 2023(Updated: )
A vulnerability classified as critical has been found in Campcodes Beauty Salon Management System 1.0. Affected is an unknown function of the file add-product.php. The manipulation of the argument category leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-234252.
Credit: cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Campcodes Chic Beauty Salon | =1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2023-3695?
CVE-2023-3695 is classified as a critical vulnerability.
How does CVE-2023-3695 affect the Campcodes Beauty Salon Management System?
CVE-2023-3695 leads to SQL injection through an unknown function in the add-product.php file.
Can CVE-2023-3695 be exploited remotely?
Yes, CVE-2023-3695 can be exploited remotely.
What should I do to fix CVE-2023-3695?
To fix CVE-2023-3695, ensure that input validation and parameterized queries are implemented in the affected add-product.php file.
Which version of the software is affected by CVE-2023-3695?
CVE-2023-3695 affects version 1.0 of the Campcodes Beauty Salon Management System.
- collector/nvd-latest
- agent/author
- agent/type
- agent/first-publish-date
- agent/weakness
- agent/references
- agent/severity
- agent/title
- agent/description
- agent/softwarecombine
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- vendor/campcodes
- canonical/campcodes chic beauty salon
- version/campcodes chic beauty salon/1.0