Lucene search
K

5 matches found

exploitpack
exploitpack
added 2020/03/12 12:0 a.m.78 views

Wordpress Plugin Appointment Booking Calendar 1.3.34 - CSV Injection

Wordpress Plugin Appointment Booking Calendar 1.3.34 - CSV Injection Exploit Title: Wordpress Plugin Appointment Booking Calendar 1.3.34 - CSV Injection Google Dork: N/A Date: 2020-03-05 Exploit Author: Daniel Monzón stark0de Vendor Homepage: https://www.codepeople.net/ Software Link:...

6.8CVSS6.1AI score0.08612EPSS
Exploits6
Packet Storm
Packet Storm
added 2020/03/12 12:0 a.m.151 views

WordPress Appointment Booking Calendar 1.3.34 CSV Injection

Exploit Title: Wordpress Plugin Appointment Booking Calendar 1.3.34 - CSV Injection Google Dork: N/A Date: 2020-03-05 Exploit Author: Daniel Monzón stark0de Vendor Homepage: https://www.codepeople.net/ Software Link: https://downloads.wordpress.org/plugin/appointment-booking-calendar.zip Version:...

6.8CVSS6.2AI score0.08612EPSS
Exploits6
Exploit DB
Exploit DB
added 2020/03/12 12:0 a.m.190 views

WordPress Plugin Appointment Booking Calendar 1.3.34 - CSV Injection

Exploit Title: Wordpress Plugin Appointment Booking Calendar 1.3.34 - CSV Injection Google Dork: N/A Date: 2020-03-05 Exploit Author: Daniel Monzón stark0de Vendor Homepage: https://www.codepeople.net/ Software Link: https://downloads.wordpress.org/plugin/appointment-booking-calendar.zip Version:...

7.8CVSS6.2AI score0.08612EPSS
Exploits6
NVD
NVD
added 2020/03/04 7:15 p.m.20 views

CVE-2020-9372

The Appointment Booking Calendar plugin before 1.3.35 for WordPress allows user input in fields such as Description or Name in any booking form to be any formula, which then could be exported via the Bookings list tab in /wp-admin/admin.php?page=cpabcappointments.php. The attacker could achieve...

7.8CVSS8.1AI score0.08612EPSS
Exploits5References4
CVE
CVE
added 2020/03/04 6:12 p.m.131 views

CVE-2020-9372

The CVE affects the WordPress plugin Appointment Booking Calendar prior to version 1.3.35. The vulnerability allows any user-supplied input in booking form fields (e.g., Description or Name) to be treated as a formula and exported via the CSV export in the admin bookings list, enabling remote cod...

7.8CVSS8AI score0.08612EPSS
Exploits5References4Affected Software1
Rows per page
Query Builder