752 matches found
CVE-2022-29986
CVE-2022-29986 affects Online Sports Complex Booking System 1.0. Multiple connected sources confirm a SQL injection vulnerability in scbs/classes/Master.php?f=delete_facility due to improper input handling. NVD/NVD-derived metrics indicate a high/critical impact (CVSS v3.1: 9.8) with network acce...
CVE-2022-29986
Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via \scbs\classes\Master.php?f=deletefacility...
CVE-2022-29987
Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/admin/?page=user/manageuser&id=...
CVE-2022-29987
CVE-2022-29987 affects Online Sports Complex Booking System 1.0. The vulnerability is an SQL Injection in the parameter id of the page at /scbs/admin/?page=user/manage_user&id=, caused by insufficient input validation. Public sources consistently describe this as a SQL injection vulnerability ena...
CVE-2022-29988
CVE-2022-29988 affects Online Sports Complex Booking System 1.0. A SQL injection flaw exists in scbs/classes/Master.php?f=delete due to lack of validation on the id parameter in the POST request, enabling potentially unauthorized SQL commands. Reported impact per sources cites high confidentialit...
CVE-2022-29988
Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via \scbs\classes\Master.php?f=delete...
CVE-2022-29989
Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via \scbs\classes\Master.php?f=deletebooking...
CVE-2022-29989
CVE-2022-29989 affects Online Sports Complex Booking System 1.0. The vulnerability is SQL Injection via scbs/classes/Master.php?f=delete_booking, due to lack of input validation on the id parameter. This allows unintended SQL commands to be executed and can lead to exposure of sensitive database ...
CVE-2022-29990
Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/admin/categories/viewcategory.php?id=...
CVE-2022-29990
CVE-2022-29990 affects Online Sports Complex Booking System 1.0. The vulnerability is a SQL injection in /scbs/admin/categories/view_category.php?id= that enables arbitrary SQL execution and can compromise data confidentiality, integrity, and availability (CVSS3.1: 9.8, HIGH). Connected documents...
CVE-2022-29992
CVE-2022-29992 affects the Online Sports Complex Booking System 1.0. The connected documents describe a SQL injection vulnerability exploitable via the URL path /scbs/admin/categories/manage_category.php?id=, indicating unparameterized queries in that component. They do not provide concrete explo...
CVE-2022-29992
Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/admin/categories/managecategory.php?id=...
CVE-2022-29993
Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/admin/bookings/viewbooking.php?id=...
CVE-2022-29993
The CVE-2022-29993 entry documents an SQL Injection vulnerability in Online Sports Complex Booking System 1.0. Affected component: the web path /scbs/admin/bookings/view_booking.php?id= is vulnerable due to unsanitized input, enabling an attacker to alter or extract database data. CVSS metrics in...
CVE-2022-29994
CVE-2022-29994 affects Online Sports Complex Booking System 1.0. The connected sources confirm a SQL Injection vulnerability in the admin facilities management page, specifically via /scbs/admin/?page=facilities/manage_facility&id=. The vulnerability is triggered through unvalidated external inpu...
CVE-2022-29994
Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/admin/?page=facilities/managefacility&id=...
CVE-2022-29995
The CVE-2022-29995 entry applies to Online Sports Complex Booking System 1.0 and is caused by SQL injection in the parameter id of the page /scbs/admin/?page=clients/manage_client&id=. The connected docs corroborate a SQL injection vulnerability that can affect confidentiality, integrity, and ava...
CVE-2022-29995
Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/admin/?page=clients/manageclient&id=...
Online Sports Complex Booking System SQL注入漏洞
Online Sports Complex Booking System is an online stadium booking system by Carlo Montero, a personal developer. Online Sports Complex Booking System version 1.0 is vulnerable to a SQL injection vulnerability that originates in /scbs/admin/ categories/viewcategory.php?id=, an attacker can execute...
Online Sports Complex Booking System SQL注入漏洞
Online Sports Complex Booking System is an online stadium booking system by Carlo Montero, a personal developer. page=clients/manageclient&id= lacks validation of external input SQL statements, which could be exploited to execute illegal SQL commands to steal sensitive database data...