Lucene search
MaodunPATCHSTACK:AE3E9026D0C771B0F4BAB1FC5146ED7BHistoryMay 21, 2014 - 12:00 a.m.
WordPress Booking Calendar Plugin - SQL Injection
2014-05-2100:00:00
maodun
patchstack.com
9
6.5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
This WordPress Booking Calendar plugin’s “booking_form_id” parameter is prone to an SQL injection. This vulnerability allows an attacker to modify data, compromise the access and application or exploit hidden vulnerabilities in the underlying database.
Solution
Update the plugin.
| CPE | Name | Operator | Version |
|---|---|---|---|
| booking calendar, appointment booking system | le | 1.3 |
References
Related
packetstorm
packetstorm
WordPress Booking System SQL Injection
2014-05-22 00:00:00
patchstack
patchstack
WordPress Booking System Plugin - SQL Injection
2014-05-21 00:00:00
cve
cve
CVE-2014-3210
2014-05-22 15:13:00
prion
prion
Sql injection
2014-05-22 15:13:00
securityvulns
securityvulns
wpvulndb
wpvulndb
Booking System <= 1.2 - SQL Injection
2014-08-01 10:59:03
f5
f5
K16834 : OpenSSL vulnerability CVE-2011-3210
2015-07-01 00:00:00
SOL16834 - OpenSSL vulnerability CVE-2011-3210
2015-07-01 00:00:00
6.5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
Related for PATCHSTACK:AE3E9026D0C771B0F4BAB1FC5146ED7B