Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
booking calendar vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-50860
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in TMS Booking for Appointments and Events Calendar – Amelia allows Stored XSS.This issue affects Booking for Appointments and Events Calendar – Amelia: from n...
Tms-outsource Amelia
NA
CVE-2023-48825
Availability Booking Calendar 5.0 is vulnerable to Multiple HTML Injection issues via SMS API Key or Default Country Code.
Phpjabbers Availability Booking Calendar 5.0
NA
CVE-2023-48826
Time Slots Booking Calendar 4.0 is vulnerable to CSV Injection via the unique ID field of the Reservations List.
Phpjabbers Time Slots Booking Calendar 4.0
NA
CVE-2023-48827
Time Slots Booking Calendar 4.0 is vulnerable to Multiple HTML Injection issues via the name, plugin_sms_api_key, plugin_sms_country_code, calendar_id, title, country name, or customer_name parameter.
Phpjabbers Time Slots Booking Calendar 4.0
NA
CVE-2023-48828
Time Slots Booking Calendar 4.0 is vulnerable to Multiple Stored Cross-Site Scripting (XSS) issues via the name, plugin_sms_api_key, plugin_sms_country_code, calendar_id, title, country name, or customer_name parameter.
Phpjabbers Time Slots Booking Calendar 4.0
NA
CVE-2023-48831
A lack of rate limiting in pjActionAJaxSend in Availability Booking Calendar 5.0 allows malicious users to cause resource exhaustion.
Phpjabbers Availability Booking Calendar 5.0
NA
CVE-2023-48833
A lack of rate limiting in pjActionAJaxSend in Time Slots Booking Calendar 4.0 allows malicious users to cause resource exhaustion.
Phpjabbers Time Slots Booking Calendar 4.0
NA
CVE-2023-48207
Availability Booking Calendar 5.0 allows CSV injection via the unique ID field in the Reservations list component.
Phpjabbers Availability Booking Calendar 5.0
NA
CVE-2023-48208
A Cross Site Scripting vulnerability in Availability Booking Calendar 5.0 allows an malicious user to inject JavaScript via the name, plugin_sms_api_key, plugin_sms_country_code, uuid, title, or country name parameter to index.php.
Phpjabbers Availability Booking Calendar 5.0
NA
CVE-2023-36507
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Repute Infosystems BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin.This issue affects BookingPress – Appointment Booking Calendar Plugin and Online Scheduling P...
Reputeinfosystems Bookingpress
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »