CVE-2017-17595
Beauty Parlour Booking Script 1.0 has SQL Injection via the /list gender or city parameter.
Date published : 2017-12-13
https://www.exploit-db.com/exploits/43267/
https://packetstormsecurity.com/files/145309/Beauty-Parlour-Booking-Script-1.0-SQL-Injection.html