Lucene search
+L

6 matches found

redhatcve
redhatcve
added 2026/03/10 2:8 p.m.12 views

CVE-2025-40639

A SQL injection vulnerability has been found in Eventobot. This vulnerability allows an attacker to retrieve, create, update and delete databases through the 'promosend' parameter in the '/assets/php/calculatediscount.php'...

9.8CVSS5.7AI score0.00321EPSS
Exploits0References1
euvd
euvd
added 2026/03/09 12:31 p.m.4 views

EUVD-2025-208400

A SQL injection vulnerability has been found in Eventobot. This vulnerability allows an attacker to retrieve, create, update and delete databases through the 'promosend' parameter in the '/assets/php/calculatediscount.php'...

8.7CVSS5.7AI score0.00321EPSS
Exploits0References2
cvelist
cvelist
added 2026/03/09 9:31 a.m.34 views

CVE-2025-40639 SQL injection in Eventobot

A SQL injection vulnerability has been found in Eventobot. This vulnerability allows an attacker to retrieve, create, update and delete databases through the 'promosend' parameter in the '/assets/php/calculatediscount.php'...

8.7CVSS0.00321EPSS
Exploits0References1
cve
cve
added 2026/03/09 9:31 a.m.12 views

CVE-2025-40639

CVE-2025-40639 — Eventobot SQL injection is confirmed by connected sources. The vulnerability affects Eventobot and is exploitable via the promo_send parameter in the /assets/php/calculate_discount.php endpoint. The underlying issue allows an attacker to perform SQL operations including retrieve,...

9.8CVSS5.7AI score0.00321EPSS
Exploits0References1Affected Software1
cnnvd
cnnvd
added 2026/03/09 12:0 a.m.12 views

Eventobot SQL注入漏洞

Eventobot is a ticketing management system developed by Eventobot Inc. Eventobot has a SQL injection vulnerability, which stems from insufficient cleaning and escaping of the promosend parameter. This vulnerability may lead to SQL injection attacks...

9.8CVSS5.8AI score0.00321EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2026/03/09 12:0 a.m.16 views

PT-2026-24051

A SQL injection vulnerability has been found in Eventobot. This vulnerability allows an attacker to retrieve, create, update and delete databases through the 'promo send' parameter in the '/assets/php/calculate discount.php'...

8.7CVSS5.7AI score0.00321EPSS
Exploits0References2
Rows per page
Query Builder