CVE-2022-30817
https://notcve.org/view.php?id=CVE-2022-30817
Simple Bus Ticket Booking System 1.0 is vulnerable to SQL Injection via /SimpleBusTicket/index.php. Simple Bus Ticket Booking System versión 1.0 es vulnerable a una Inyección SQL por medio del archivo /SimpleBusTicket/index.php • https://github.com/k0xx11/bug_report/blob/main/vendors/codeastro.com/simple-bus-ticket-booking-system/SQLi-1.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2022-28106
https://notcve.org/view.php?id=CVE-2022-28106
Online Sports Complex Booking System v1.0 was discovered to allow attackers to take over user accounts via a crafted POST request. Se ha detectado que Online Sports Complex Booking System versión v1.0, permite a atacantes tomar el control de las cuentas de los usuarios por medio de una petición POST diseñada • https://cxsecurity.com/issue/WLB-2022030104 • CWE-287: Improper Authentication •
CVE-2022-28105
https://notcve.org/view.php?id=CVE-2022-28105
Online Sports Complex Booking System v1.0 was discovered to contain a blind SQL injection vulnerability via the id parameter in /scbs/view_facility.php. Se ha detectado que Online Sports Complex Booking System versión v1.0, contiene una vulnerabilidad de inyección SQL ciega por medio del parámetro id en el archivo /scbs/view_facility.php • https://cxsecurity.com/issue/WLB-2022030105 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2022-29652
https://notcve.org/view.php?id=CVE-2022-29652
Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/classes/Users.php?f=save_client. Online Sports Complex Booking System versión 1.0, es vulnerable a una Inyección SQL por medio de /scbs/classes/Users.php?f=save_client • https://github.com/playZG/Exploit-/blob/main/Online%20Sports%20Complex%20Booking%20System/Online%20Sports%20Complex%20Booking%20System%201.0%20XSS%20loophole.md https://packetstormsecurity.com/files/166641/Online-Sports-Complex-Booking-System-1.0-Cross-Site-Scripting.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2022-29304
https://notcve.org/view.php?id=CVE-2022-29304
Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /classes/master.php?f=delete_ Facility. Online Sports Complex Booking System versión 1.0, es vulnerable a una Inyección SQL por medio de /classes/master.php?f=delete_ Facility • https://github.com/playZG/Exploit-/blob/main/Online%20Sports%20Complex%20Booking%20System/Online%20Sports%20Complex%20Booking%20System%201.0%20SQL%20Injection%28%E4%B8%89%29.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •