19 matches found
EUVD-2022-34300
Malicious code in bioql PyPI...
EUVD-2022-34295
Malicious code in bioql PyPI...
EUVD-2022-33978
Malicious code in bioql PyPI...
CVE-2022-29988
Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via \scbs\classes\Master.php?f=delete...
CVE-2024-5385 oretnom23 Online Car Wash Booking System cross site scripting
A vulnerability, which was classified as problematic, has been found in oretnom23 Online Car Wash Booking System 1.0. This issue affects some unknown processing of the file /admin/?page=user/list. The manipulation of the argument First Name/Last Name with the input confirm document.cookie leads t...
CVE-2024-2712
A vulnerability, which was classified as critical, has been found in Campcodes Complete Online DJ Booking System 1.0. This issue affects some unknown processing of the file /admin/user-search.php. The manipulation of the argument searchdata leads to sql injection. The attack may be initiated...
CVE-2024-2718
A vulnerability was found in Campcodes Complete Online DJ Booking System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /admin/booking-bwdates-reports-details.php. The manipulation of the argument fromdate leads to cross site scripting. The attack ma...
CVE-2023-5305
CVE-2023-5305 affects Online Banquet Booking System 1.0, specifically the /mail.php in the Contact Us Page. The issue arises from improper handling of the message parameter, enabling cross-site scripting. The attack surface is remote, with no privileges required and user interaction required. Sev...
Cross site scripting
A vulnerability, which was classified as problematic, was found in Online Banquet Booking System 1.0. Affected is an unknown function of the file /view-booking-detail.php of the component Account Detail Handler. The manipulation of the argument username leads to cross site scripting. It is possib...
CVE-2022-2263
CVE-2022-2263 affects Online Hotel Booking System 1.0. The vulnerability resides in the edit_room_cat.php component (Room Handler) where manipulating the roomname parameter leads to a SQL injection. Exploitation can be performed remotely and publicly disclosed, enabling an attacker to compromise ...
CVE-2022-2262
CVE-2022-2262 affects Online Hotel Booking System 1.0, specifically the vulnerable code path in the Room Handler’s file edit_all_room.php. The issue is a SQL injection triggered by manipulating the id parameter (example input 2828%27%20AND%20(SELECT%203766%20FROM%20(SELECT(SLEEP(5)))BmIK)%20AND%2...
Sql injection
Simple Bus Ticket Booking System 1.0 is vulnerable to SQL Injection via /SimpleBusTicket/index.php...
CVE-2022-28962
CVE-2022-28962 affects Online Sports Complex Booking System 1.0. The vulnerability is SQL Injection exploitable via /scbs/classes/Users.php?f=delete_client, with documented exploitation potential and high-severity scores (CVSS v3.1: 9.8, CRITICAL; CVSS v2.0: 7.5, HIGH). Connected sources corrobor...
Sql injection
Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/admin/?page=clients/manageclient&id=...
Sql injection
Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/admin/bookings/viewbooking.php?id=...
CVE-2022-29988
CVE-2022-29988 affects Online Sports Complex Booking System 1.0. A SQL injection flaw exists in scbs/classes/Master.php?f=delete due to lack of validation on the id parameter in the POST request, enabling potentially unauthorized SQL commands. Reported impact per sources cites high confidentialit...
CVE-2020-25272
CVE-2020-25272 corresponds to an XSS vulnerability in SourceCodester Online Bus Booking System 1.0, triggered via the name parameter in book_now.php. The available connected documents confirm the affected product and the vulnerability vector, but do not provide details on the exploitation status,...
CVE-2010-4814
SQL injection vulnerability in index1.php in Best Soft Inc. BSI Advance Hotel Booking System 1.0 allows remote attackers to execute arbitrary SQL commands via the page parameter...
CVE-2010-4814
CVE-2010-4814 describes a SQL injection vulnerability in the index1.php page of Best Soft Inc. (BSI) Advance Hotel Booking System 1.0. The underlying issue is improper handling of the page parameter, allowing remote attackers to inject arbitrary SQL commands. The vulnerability enables potential d...