SQL Injection in Classbooking before 2.4.1 via the username field of a CSV file when adding a new user.
7.2CVSS
7.4AI Score
0.001EPSS
Cross Site Scripting (XSS) vulnerability in craigrodway classroombookings 2.6.4 allows attackers to execute arbitrary code or other unspecified impacts via the input bgcol in file Weeks.php.
6.1CVSS
6.1AI Score
0.001EPSS