2 matches found
CVE-2022-31985
Badminton Center Management System v1.0 is vulnerable to SQL Injection via /bcms/admin/?page=reports/dailysalesreport=...
CVE-2022-31985
The CVE-2022-31985 entry concerns Badminton Center Management System v1.0, vulnerable to SQL injection through the URL parameter /bcms/admin/?page=reports/daily_sales_report&date=. Root cause is unsafeguarded SQL in the daily_sales_report page (no input validation/extraction). Affected component ...