1 results (0.002 seconds)
CVSS: 9.8EPSS: 0%CPEs: 31EXPL: 1
CVSS: 9.8EPSS: 0%CPEs: 31EXPL: 1CVE-2008-4620 – Meeting Room Booking System (MRBS) < 1.4 - SQL Injection
https://notcve.org/view.php?id=CVE-2008-4620
21 Oct 2008 — SQL injection vulnerability in Meeting Room Booking System (MRBS) before 1.4 allows remote attackers to execute arbitrary SQL commands via the area parameter to (1) month.php, and possibly (2) day.php and (3) week.php. Vulnerabilidad de inyección SQL en Meeting Room Booking System (MRBS) versiones anteriores a v1.4 permite a atacantes remotos ejecutar comandos SQL de su elección mediante el parámetro "area" en (1) month.php, y posiblemente en (2) day.php y (3) week.php. • https://www.exploit-db.com/exploits/6781 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •