Lucene search
+L

182 matches found

GithubExploit
GithubExploit
added 2023/01/06 7:7 p.m.517 views

Exploit for SQL Injection in Reputeinfosystems Bookingpress

CVE-2022-0739 My take on CVE-2022-0739 BookingPress exploit,...

9.8CVSS9.6AI score0.37171EPSS
Exploits11
OSV
OSV
added 2023/01/02 10:15 p.m.4 views

CVE-2022-4340

The BookingPress WordPress plugin before 1.0.31 suffers from an Insecure Direct Object Reference IDOR vulnerability in it's thank you page, allowing any visitor to display information about any booking, including full name, date, time and service booked, by manipulating the appointmentid query...

5.3CVSS5.8AI score0.00669EPSS
Exploits2References1
Prion
Prion
added 2023/01/02 10:15 p.m.16 views

Information disclosure

The BookingPress WordPress plugin before 1.0.31 suffers from an Insecure Direct Object Reference IDOR vulnerability in it's thank you page, allowing any visitor to display information about any booking, including full name, date, time and service booked, by manipulating the appointmentid query...

5CVSS5.1AI score0.00669EPSS
Exploits2References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/01/02 9:49 p.m.6 views

CVE-2022-4340 BookingPress < 1.0.31 - Unauthenticated IDOR in appointment_id

The BookingPress WordPress plugin before 1.0.31 suffers from an Insecure Direct Object Reference IDOR vulnerability in it's thank you page, allowing any visitor to display information about any booking, including full name, date, time and service booked, by manipulating the appointmentid query...

5.2AI score0.00669EPSS
Exploits2References1
Cvelist
Cvelist
added 2023/01/02 9:49 p.m.26 views

CVE-2022-4340 BookingPress < 1.0.31 - Unauthenticated IDOR in appointment_id

The BookingPress WordPress plugin before 1.0.31 suffers from an Insecure Direct Object Reference IDOR vulnerability in it's thank you page, allowing any visitor to display information about any booking, including full name, date, time and service booked, by manipulating the appointmentid query...

5.5AI score0.00669EPSS
Exploits2References1
CVE
CVE
added 2023/01/02 9:49 p.m.58 views

CVE-2022-4340

BookingPress WordPress plugin (versions before 1.0.31) is affected by an Insecure Direct Object Reference (IDOR) in the thank-you page. The underlying issue enables unauthenticated users to view booking details (full name, date, time, service) by altering the appointment_id parameter. Reported in...

5.3CVSS5.1AI score0.00669EPSS
Exploits2References1Affected Software1
CNNVD
CNNVD
added 2023/01/02 12:0 a.m.4 views

WordPress plugin BookingPress 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

5.3CVSS5.8AI score0.00669EPSS
Exploits2References2
Positive Technologies
Positive Technologies
added 2023/01/02 12:0 a.m.7 views

PT-2023-14197 · WordPress · Bookingpress

Name of the Vulnerable Software and Affected Versions: BookingPress WordPress plugin versions prior to 1.0.31 Description: The issue allows any visitor to display information about any booking by manipulating the appointment id query parameter in the thank you page, potentially exposing full name...

5.3CVSS5.1AI score0.00669EPSS
Exploits2References5
WPVulnDB
WPVulnDB
added 2022/12/07 12:0 a.m.21 views

BookingPress < 1.0.31 - Unauthenticated IDOR in appointment_id

The plugin suffers from an Insecure Direct Object Reference IDOR vulnerability in it's thank you page, allowing any visitor to display information about any booking, including full name, date, time and service booked, by manipulating the appointmentid query parameter. PoC curl -s...

5.3CVSS0.5AI score0.00669EPSS
Exploits2Affected Software1
Metasploit
Metasploit
added 2022/12/06 7:50 p.m.1111 views

Wordpress BookingPress bookingpress_front_get_category_services SQLi

The BookingPress WordPress plugin before 1.0.11 fails to properly sanitize user supplied data in the totalservice parameter of the bookingpressfrontgetcategoryservices AJAX action available to unauthenticated users, prior to using it in a dynamically constructed SQL query. As a result,...

9.8CVSS8.7AI score0.37171EPSS
Exploits11
GithubExploit
GithubExploit
added 2022/11/02 1:39 a.m.858 views

Exploit for SQL Injection in Reputeinfosystems Bookingpress

CVE-2022-0739 Proof-of-Concept exploit SQLI BookingPress befo...

9.8CVSS9.6AI score0.37171EPSS
Exploits11
GithubExploit
GithubExploit
added 2022/10/30 7:32 p.m.2259 views

Exploit for SQL Injection in Reputeinfosystems Bookingpress

CVE-2022-0739 Proof-of-Concept exploit SQLI BookingPress befo...

9.8CVSS9.6AI score0.37171EPSS
Exploits11
ATTACKERKB
ATTACKERKB
added 2022/03/21 7:15 p.m.7 views

CVE-2022-0739

The BookingPress WordPress plugin before 1.0.11 fails to properly sanitize user supplied POST data before it is used in a dynamically constructed SQL query via the bookingpressfrontgetcategoryservices AJAX action available to unauthenticated users, leading to an unauthenticated SQL Injection...

9.8CVSS5.8AI score0.37171EPSS
Exploits11References4
NVD
NVD
added 2022/03/21 7:15 p.m.18 views

CVE-2022-0739

The BookingPress WordPress plugin before 1.0.11 fails to properly sanitize user supplied POST data before it is used in a dynamically constructed SQL query via the bookingpressfrontgetcategoryservices AJAX action available to unauthenticated users, leading to an unauthenticated SQL Injection...

9.8CVSS0.37171EPSS
Exploits11References2
OSV
OSV
added 2022/03/21 7:15 p.m.3 views

CVE-2022-0739

The BookingPress WordPress plugin before 1.0.11 fails to properly sanitize user supplied POST data before it is used in a dynamically constructed SQL query via the bookingpressfrontgetcategoryservices AJAX action available to unauthenticated users, leading to an unauthenticated SQL Injection...

9.8CVSS7.4AI score0.37171EPSS
Exploits11References2
Cvelist
Cvelist
added 2022/03/21 6:56 p.m.37 views

CVE-2022-0739 BookingPress < 1.0.11 - Unauthenticated SQL Injection

The BookingPress WordPress plugin before 1.0.11 fails to properly sanitize user supplied POST data before it is used in a dynamically constructed SQL query via the bookingpressfrontgetcategoryservices AJAX action available to unauthenticated users, leading to an unauthenticated SQL Injection...

10AI score0.37171EPSS
Exploits11References2
CVE
CVE
added 2022/03/21 6:56 p.m.306 views

CVE-2022-0739

BookingPress (WordPress) has a SQL injection in versions before 1.0.11 via the unauthenticated bookingpress_front_get_category_services AJAX action. The vulnerability stems from improper sanitization of user-supplied data used to build a dynamic SQL query, enabling unauthenticated disclosure of b...

9.8CVSS9.8AI score0.37171EPSS
Exploits11References2Affected Software1
Positive Technologies
Positive Technologies
added 2022/03/21 12:0 a.m.8 views

PT-2022-13401 · WordPress · Bookingpress

Name of the Vulnerable Software and Affected Versions: BookingPress WordPress plugin versions prior to 1.0.11 Description: The issue arises from the failure to properly sanitize user-supplied POST data, which is then used in a dynamically constructed SQL query. This occurs via the "bookingpress...

9.8CVSS9.6AI score0.37171EPSS
Exploits11References10
CNNVD
CNNVD
added 2022/03/21 12:0 a.m.20 views

WordPress plugin BookingPress SQL注入漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports setting up personal blog sites on PHP and MySQL servers.WordPress plugin is an open source application plugin for WordPress. WordPress plugin BookingPress 1.0.11 version befor...

9.8CVSS8.4AI score0.37171EPSS
Exploits11References3
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.1148 views

WordPress BookingPress plugin <= 1.0.10 - Unauthenticated SQL Injection (SQLi) vulnerability

Unauthenticated SQL Injection SQLi vulnerability discovered by cydave in WordPress BookingPress plugin versions = 1.0.10. Solution Update the WordPress BookingPress plugin to the latest available version at least 1.0.11...

9.8CVSS3.2AI score0.37171EPSS
Exploits11References3Affected Software1
Rows per page
Query Builder