What is CVE-2025-13484 — XSS in Complete Online Beauty Parlor Management System?

CVE-2025-13484 is a cross-site scripting (XSS) vulnerability affecting Complete Online Beauty Parlor Management System version 1.0, allowing attackers to inject malicious scripts via the Name parameter in /admin/customer-list.php.

Am I affected by CVE-2025-13484 in Complete Online Beauty Parlor Management System?

If you are running Complete Online Beauty Parlor Management System version 1.0, you are potentially affected by this vulnerability. Upgrade as soon as possible.

How do I fix CVE-2025-13484 in Complete Online Beauty Parlor Management System?

Upgrade to a patched version of Complete Online Beauty Parlor Management System. If upgrading is not immediately possible, implement a WAF rule to sanitize user input for the Name parameter.

Is CVE-2025-13484 being actively exploited?

While active exploitation is not confirmed, a public proof-of-concept exists, increasing the likelihood of exploitation.

Where can I find the official Complete Online Beauty Parlor Management System advisory for CVE-2025-13484?

Check the Campcodes website or relevant security forums for updates and advisories regarding CVE-2025-13484.

CVE-2025-13484 — Vulnerability Details

NEXTGUARD

Escanear grátis

CVE-2025-13484 — Vulnerability Details | NextGuard

Passos de Detecçãotraduzindo…

• php / web:

curl -s -X POST "http://<target>/admin/customer-list.php?Name=<script>alert('XSS')</script>" | grep "alert('XSS')"

• generic web:

curl -s -X POST "http://<target>/admin/customer-list.php?Name=<script>alert('XSS')</script>" | grep "alert('XSS')"

Campcodes Complete Online Beauty Parlor Management System customer-list.php cross site scripting

Impacto e Cenários de Ataquetraduzindo…

Contexto de Exploraçãotraduzindo…

Quem Está em Riscotraduzindo…

Passos de Detecçãotraduzindo…

Linha do Tempo do Ataque

Inteligência de Ameaças

Software Afetado

Classificação de Fraqueza (CWE)

Linha do tempo

Mitigação e Soluções Alternativastraduzindo…

Como corrigirtraduzindo…

Boletim de Segurança CVE

Perguntas frequentestraduzindo…

What is CVE-2025-13484 — XSS in Complete Online Beauty Parlor Management System?

Am I affected by CVE-2025-13484 in Complete Online Beauty Parlor Management System?

How do I fix CVE-2025-13484 in Complete Online Beauty Parlor Management System?

Is CVE-2025-13484 being actively exploited?

Where can I find the official Complete Online Beauty Parlor Management System advisory for CVE-2025-13484?

Seu projeto está afetado?