EUVD-2023-40456

Malicious code in bioql PyPI...

Code-Projects Online Class and Exam Scheduling System 安全漏洞

Code-Projects Online Class and Exam Scheduling System is an online class and exam scheduling system from Code-Projects, Inc. A security vulnerability exists in Code-Projects Online Class and Exam Scheduling System version 1.0, which stems from a parameter id in the file /pages/subjectupdate.php...

CVE-2024-9263 WP Timetics- AI-powered Appointment Booking Calendar and Online Scheduling Plugin <= 1.0.25 - Insecure Direct Object Reference to Unauthenticated Arbitrary User Password/Email Reset/Account Takeover

The WP Timetics- AI-powered Appointment Booking Calendar and Online Scheduling Plugin plugin for WordPress is vulnerable to Account Takeover/Privilege Escalation via Insecure Direct Object Reference in all versions up to, and including, 1.0.25 via the save due to missing validation on a user...

CVE-2023-50841

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Repute Infosystems BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin.This issue affects BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin...

Sql injection

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Repute Infosystems BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin.This issue affects BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin...

PT-2023-31673 · Repute Infosystems · Bookingpress

Name of the Vulnerable Software and Affected Versions: Repute Infosystems BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin versions 1.0.0 through 1.0.72 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special...

CVE-2023-36507

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Repute Infosystems BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin.This issue affects BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin: from n/a through 1.0.6...

CVE-2023-36507 WordPress BookingPress Plugin <= 1.0.64 is vulnerable to Sensitive Data Exposure

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Repute Infosystems BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin.This issue affects BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin: from n/a through 1.0.6...

Schedulicity - Easy Online Scheduling <= 2.21 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. schedulenowbutton bizkey='"...

onlineappointmentscheduling.net.au XSS vulnerability

Vulnerable URL: http://onlineappointmentscheduling.net.au/?s=%27;alert/XSSPOSED///%27;alert/XSSPOSED///%22;alert/XSSPOSED///%22;alert/XSSPOSED///--%3E%3C/sCRipT%3E%22%3E%27%3E%3CsCRipT%3Ealert/XSSPOSED/%3C/sCRipT%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:|...