Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
booking calendar vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2021-24726
The WP Simple Booking Calendar WordPress plugin prior to 2.0.6 did not escape, validate or sanitise the orderby parameter in its Search Calendars action, before using it in a SQL statement, leading to an authenticated SQL injection issue
Wpsimplebookingcalendar Wp Simple Booking Calendar
6.8
CVSSv2
CVE-2014-10014
Multiple cross-site request forgery (CSRF) vulnerabilities in PHPJabbers Event Booking Calendar 2.0 allow remote malicious users to hijack the authentication of administrators for requests that (1) change the username and password of the administrator via an update action to the ...
Phpjabbers Event Booking Calendar 2.0
1 EDB exploit
NA
CVE-2023-48207
Availability Booking Calendar 5.0 allows CSV injection via the unique ID field in the Reservations list component.
Phpjabbers Availability Booking Calendar 5.0
NA
CVE-2023-48208
A Cross Site Scripting vulnerability in Availability Booking Calendar 5.0 allows an malicious user to inject JavaScript via the name, plugin_sms_api_key, plugin_sms_country_code, uuid, title, or country name parameter to index.php.
Phpjabbers Availability Booking Calendar 5.0
NA
CVE-2023-3558
A vulnerability classified as problematic has been found in GZ Scripts Event Booking Calendar 1.8. Affected is an unknown function of the file /load.php. The manipulation of the argument first_name/second_name/phone/address_1/country leads to cross site scripting. It is possible ...
Gzscripts Event Booking Calendar 1.8
NA
CVE-2023-40765
User enumeration is found in PHPJabbers Event Booking Calendar v4.0. This issue occurs during password recovery, where a difference in messages could allow an malicious user to determine if the user is valid or not, enabling a brute force attack with valid users.
Phpjabbers Event Booking Calendar 4.0
NA
CVE-2023-36131
PHPJabbers Availability Booking Calendar 5.0 is vulnerable to Incorrect Access Control due to improper input validation of password parameter.
Phpjabbers Availability Booking Calendar 5.0
NA
CVE-2023-36132
PHP Jabbers Availability Booking Calendar 5.0 is vulnerable to Incorrect Access Control.
Phpjabbers Availability Booking Calendar 5.0
NA
CVE-2023-36133
PHPJabbers Availability Booking Calendar 5.0 is vulnerable to User Account Takeover through username/password change.
Phpjabbers Availability Booking Calendar 5.0
4.3
CVSSv2
CVE-2016-10908
The booking-calendar-contact-form plugin prior to 1.0.24 for WordPress has XSS.
Codepeople Booking Calendar Contact Form
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »