3 matches found
Wordpress Booking System (Booking Calendar) plugin SQL Injection
Exploit Title: Wordpress Booking System Booking Calendar plugin SQL Injection Release Date: 2014-05-21 Author: maodun Contact: Twitter: @conmancm Software Link: http://wordpress.org/support/plugin/booking-system Affected version: 1.3 Google Dork: inurl:/wp-content/plugins/booking-system/...
CVE-2014-3210
CVE-2014-3210 describes an SQL injection in the WordPress Booking System (Booking Calendar) plugin. The vulnerability affects the plugin’s dopbs-backend-forms.php and allows remote authenticated users to execute arbitrary SQL commands via the booking_form_id parameter sent to wp-admin/admin-ajax....
CVE-2014-3210
creationtimestamp| type| source ---|---|--- 2014-05-21 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/39197...