3 matches found
Sql injection
The appointment-booking-calendar plugin before 1.1.24 for WordPress has SQL injection, a different vulnerability than CVE-2015-7319...
WordPress Appointment Booking Calendar 1.1.7 SQL Injection Vulnerability
WordPress Appointment Booking Calendar plugin 1.1.7 suffers from a remote SQL injection vulnerability. Vulnerability title: SQL Injection in Appointment Booking Calendar 1.1.7 WordPress plugin CVE: CVE-2015-7319 Vendor: WordPress DWBooster Product: Appointment Booking Calendar Affected version:...
CVE-2015-7319
CVE-2015-7319 affects the WordPress plugin “Appointment Booking Calendar” prior to version 1.1.8. The vulnerability is a SQL injection in cpabc_appointments_admin_int_calendar_list.inc.php that allows remote attackers to execute arbitrary SQL commands via vectors related to updating the username....