CVE-2023-3884
LowCVSS 3.5Exploitation Probability (EPSS)
Low risk42th percentile — higher than 42% of all known CVEs
Summary
A vulnerability has been found in Campcodes Beauty Salon Management System 1.0, allowing cross site scripting through manipulation of the id argument in the /admin/edit_product.php file. The attack can be initiated remotely.
Risk Assessment
This vulnerability poses a risk of exploitation by malicious users, potentially leading to data theft or session hijacking.
Recommendation
It is recommended to update the system to the latest version and implement proper input sanitization filters in the /admin/edit_product.php file.
Original NVD description (English source)
A vulnerability has been found in Campcodes Beauty Salon Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /admin/edit_product.php. The manipulation of the argument id leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-235246 is the identifier assigned to this vulnerability.

