Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
booking project booking vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2017-17634
Single Theater Booking Script 3.2.1 has SQL Injection via the findcity.php q parameter.
Single Theater Booking Script Project Single Theater Booking Script 3.2.1
1 EDB exploit
9.8
CVSSv3
CVE-2020-25273
In SourceCodester Online Bus Booking System 1.0, there is Authentication bypass on the Admin Login screen in admin.php via username or password SQL injection.
Online Bus Booking System Project Online Bus Booking System 1.0
1 Github repository
4.8
CVSSv3
CVE-2017-17938
PHP Scripts Mall Single Theater Booking has XSS via the admin/viewtheatre.php theatreid parameter.
Single Theater Booking Script Project Single Theater Booking Script 3.2.2
4.8
CVSSv3
CVE-2017-17940
PHP Scripts Mall Single Theater Booking has XSS via the title parameter to admin/sitesettings.php.
Single Theater Booking Script Project Single Theater Booking Script 3.2.2
9.8
CVSSv3
CVE-2023-45018
Online Bus Booking System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'username' parameter of the includes/login.php resource does not validate the characters received and they are sent unfiltered to the database.
Online Bus Booking System Project Online Bus Booking System 1.0
9.8
CVSSv3
CVE-2023-45019
Online Bus Booking System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'category' parameter of the category.php resource does not validate the characters received and they are sent unfiltered to the database.
Online Bus Booking System Project Online Bus Booking System 1.0
8.8
CVSSv3
CVE-2017-17939
PHP Scripts Mall Single Theater Booking has CSRF via admin/sitesettings.php.
Single Theater Booking Script Project Single Theater Booking Script 3.2.2
7.2
CVSSv3
CVE-2017-17941
PHP Scripts Mall Single Theater Booking has SQL Injection via the admin/movieview.php movieid parameter.
Single Theater Booking Script Project Single Theater Booking Script 3.2.2
5.4
CVSSv3
CVE-2019-9066
PHP Scripts Mall PHP Appointment Booking Script 3.0.3 allows HTML injection in a user profile.
Php Appointment Booking Script Project Php Appointment Booking Script 3.0.3
9.8
CVSSv3
CVE-2021-45003
Laundry Booking Management System 1.0 (Latest) and previous versions are affected by a remote code execution (RCE) vulnerability in profile.php through the "image" parameter that can execute a webshell payload.
Laundry Booking Management System Project Laundry Booking Management System 1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »