2 matches found
CVE-2022-38509
Wedding Planner v1.0 was discovered to contain a SQL injection vulnerability via the bookingid parameter at /admin/budget.php...
CVE-2022-38509
Wedding Planner v1.0 contains a SQL injection flaw in the booking_id parameter of /admin/budget.php. Affected component: the web application’s admin budget handling. Root cause: improper input handling allowing SQL injection. Impact per CVSSv3.1: high confidentiality, integrity, and availability ...