5 matches found
EUVD-2018-20347
Malware in sbrugna...
Bookme Control Panel Cross-Site Scripting Vulnerability
Bookme Control Panel is an online booking plugin for use in WordPress. A cross-site scripting vulnerability exists in the Customers 'Book Me' feature in version 2.0 of Bookme Control Panel, which stems from the program failing to filter user-submitted input. A remote attacker can exploit this...
CVE-2018-8737
Bookme Control Panel 2.0 Application is vulnerable to stored XSS within the Customers "Book Me" function. Within the Name and Note aka custName and custNote sections of the Customers screen, the application does not sanitize user-supplied input and renders injected JavaScript code to the user's...
CVE-2018-8737
Bookme Control Panel 2.0 Application is vulnerable to stored XSS within the Customers "Book Me" function. Within the Name and Note aka custName and custNote sections of the Customers screen, the application does not sanitize user-supplied input and renders injected JavaScript code to the user's...
CVE-2018-8737
Bookme Control Panel 2.0 Application is vulnerable to stored XSS in the Customers “Book Me” function. The vulnerability stems from unsanitized input in the Name and Note fields (custName and custNote) being rendered as JavaScript in the user’s browser. The CVE/NVD entries confirm the affected pro...