Lucene search

[email protected]CVE-2023-50841

HistoryDec 28, 2023 - 7:15 p.m.

CVE-2023-50841

2023-12-2819:15:14

CWE-89

[email protected]

web.nvd.nist.gov

cve-2023-50841

sql injection

repute infosystems

bookingpress

appointment booking calendar plugin

online scheduling plugin

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.2 High

AI Score

Confidence

Low

6.5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

18.2%

JSON

Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in Repute Infosystems BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin.This issue affects BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin: from n/a through 1.0.72.

CPENameOperatorVersion
reputeinfosystems:bookingpressreputeinfosystems bookingpressle1.0.72
reputeinfosystems:bookingpressreputeinfosystems bookingpresseq1.0.37
reputeinfosystems:bookingpressreputeinfosystems bookingpresseq1.0.12
reputeinfosystems:bookingpressreputeinfosystems bookingpresseq1.0.4
reputeinfosystems:bookingpressreputeinfosystems bookingpresseq1.0.38
reputeinfosystems:bookingpressreputeinfosystems bookingpresseq1.0.48
reputeinfosystems:bookingpressreputeinfosystems bookingpresseq1.0.47
reputeinfosystems:bookingpressreputeinfosystems bookingpresseq1.0.55
reputeinfosystems:bookingpressreputeinfosystems bookingpresseq1.0.52
reputeinfosystems:bookingpressreputeinfosystems bookingpresseq1.0.5

CPE	Name	Operator	Version
reputeinfosystems:bookingpress	reputeinfosystems bookingpress	le	1.0.72
reputeinfosystems:bookingpress	reputeinfosystems bookingpress	eq	1.0.37
reputeinfosystems:bookingpress	reputeinfosystems bookingpress	eq	1.0.12
reputeinfosystems:bookingpress	reputeinfosystems bookingpress	eq	1.0.4
reputeinfosystems:bookingpress	reputeinfosystems bookingpress	eq	1.0.38
reputeinfosystems:bookingpress	reputeinfosystems bookingpress	eq	1.0.48
reputeinfosystems:bookingpress	reputeinfosystems bookingpress	eq	1.0.47
reputeinfosystems:bookingpress	reputeinfosystems bookingpress	eq	1.0.55
reputeinfosystems:bookingpress	reputeinfosystems bookingpress	eq	1.0.52
reputeinfosystems:bookingpress	reputeinfosystems bookingpress	eq	1.0.5

Rows per page:

1-10 of 741

References

patchstack.com/database/vulnerability/bookingpress-appointment-booking/wordpress-bookingpress-plugin-1-0-72-sql-injection-vulnerability?_s_id=cve

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.2 High

AI Score

Confidence

Low

6.5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

18.2%

JSON

Related for CVE-2023-50841

prion1 wpvulndb1 cvelist1 wordfence1