Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2026/03/10 2:8 p.m.10 views

CVE-2025-40639

A SQL injection vulnerability has been found in Eventobot. This vulnerability allows an attacker to retrieve, create, update and delete databases through the 'promosend' parameter in the '/assets/php/calculatediscount.php'...

9.8CVSS5.7AI score0.00321EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/09 12:31 p.m.4 views

EUVD-2025-208399

A SQL injection vulnerability has been found in Eventobot. This vulnerability allows an attacker to retrieve, create, update and delete databases through the 'promosend' parameter in the '/assets/php/calculatediscount.php'...

8.7CVSS5.7AI score0.00321EPSS
Exploits0References2
EUVD
EUVD
added 2026/03/09 12:31 p.m.3 views

EUVD-2025-208400

A SQL injection vulnerability has been found in Eventobot. This vulnerability allows an attacker to retrieve, create, update and delete databases through the 'promosend' parameter in the '/assets/php/calculatediscount.php'...

8.7CVSS5.7AI score0.00321EPSS
Exploits0References2
NVD
NVD
added 2026/03/09 10:16 a.m.8 views

CVE-2025-40639

A SQL injection vulnerability has been found in Eventobot. This vulnerability allows an attacker to retrieve, create, update and delete databases through the 'promosend' parameter in the '/assets/php/calculatediscount.php'...

9.8CVSS0.00321EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/09 9:31 a.m.2 views

CVE-2025-40639 SQL injection in Eventobot

A SQL injection vulnerability has been found in Eventobot. This vulnerability allows an attacker to retrieve, create, update and delete databases through the 'promosend' parameter in the '/assets/php/calculatediscount.php'...

8.7CVSS5.7AI score0.00321EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/09 9:31 a.m.30 views

CVE-2025-40639 SQL injection in Eventobot

A SQL injection vulnerability has been found in Eventobot. This vulnerability allows an attacker to retrieve, create, update and delete databases through the 'promosend' parameter in the '/assets/php/calculatediscount.php'...

8.7CVSS0.00321EPSS
Exploits0References1
CVE
CVE
added 2026/03/09 9:31 a.m.10 views

CVE-2025-40639

CVE-2025-40639 — Eventobot SQL injection is confirmed by connected sources. The vulnerability affects Eventobot and is exploitable via the promo_send parameter in the /assets/php/calculate_discount.php endpoint. The underlying issue allows an attacker to perform SQL operations including retrieve,...

9.8CVSS5.7AI score0.00321EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/09 12:0 a.m.14 views

PT-2026-24051

A SQL injection vulnerability has been found in Eventobot. This vulnerability allows an attacker to retrieve, create, update and delete databases through the 'promo send' parameter in the '/assets/php/calculate discount.php'...

8.7CVSS5.7AI score0.00321EPSS
Exploits0References2
Rows per page
Query Builder