CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-29995
https://notcve.org/view.php?id=CVE-2022-29995
Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/admin/?page=clients/manage_client&id=. Online Sports Complex Booking System versión 1.0, es vulnerable a una inyección SQL por medio de /scbs/admin/?page=clients/manage_client&id= • https://github.com/k0xx11/bug_report/blob/main/vendors/oretnom23/Online-Sports-Complex-Booking-System/SQLi-9.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-29317
https://notcve.org/view.php?id=CVE-2022-29317
Simple Bus Ticket Booking System v1.0 was discovered to contain multiple SQL injection vulnerbilities via the username and password parameters at /assets/partials/_handleLogin.php. Se ha detectado que Simple Bus Ticket Booking System versión v1.0, contiene múltiples vulnerabilidades de inyección SQL por medio de los parámetros username y password en el archivo /assets/partials/_handleLogin.php • https://hackmd.io/%40taidh/r1FCJ1ME5 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2022-28094
https://notcve.org/view.php?id=CVE-2022-28094
SCBS Online Sports Venue Reservation System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the fid parameter at booking.php. Se ha detectado que SCBS Online Sports Venue Reservation System versión v1.0, contiene una vulnerabilidad de tipo cross-site scripting (XSS) por medio del parámetro fid en el archivo booking.php • http://scbs.com https://github.com/wkeyi0x1/vul-report/blob/main/SCBS%20online%20sports%20venue%20reservation%20system/SCBS%20online%20sports%20venue%20reservation%20system%20v1.0%20-%20Self-XSS.md https://www.sourcecodester.com/php/15236/online-sports-complex-booking-system-phpmysql-free-source-code.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-28093
https://notcve.org/view.php?id=CVE-2022-28093
SCBS Online Sports Venue Reservation System v1.0 was discovered to contain a local file inclusion vulnerability which allow attackers to execute arbitrary code via a crafted PHP file. Se ha detectado que SCBS Online Sports Venue Reservation System versión v1.0, contiene una vulnerabilidad de inclusión de archivos locales que permite a atacantes ejecutar código arbitrario por medio de un archivo PHP diseñado • http://scbs.com https://github.com/wkeyi0x1/vul-report/blob/main/SCBS%20online%20sports%20venue%20reservation%20system/SCBS%20online%20sports%20venue%20reservation%20system%20v1.0%20-%20File%20Inclusion.md https://www.sourcecodester.com/php/15236/online-sports-complex-booking-system-phpmysql-free-source-code.html •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 2CVE-2021-45003
https://notcve.org/view.php?id=CVE-2021-45003
Laundry Booking Management System 1.0 (Latest) and previous versions are affected by a remote code execution (RCE) vulnerability in profile.php through the "image" parameter that can execute a webshell payload. Laundry Booking Management System versión 1.0 (Ultima) y versiones anteriores están afectadas por una vulnerabilidad de ejecución de código remota (RCE) en el archivo profile.php mediante el parámetro "image" que puede ejecutar una carga útil de webshell • https://drive.google.com/drive/folders/1VuWo2JS7VTh9KPRnoi7CZZQgVZ4msBav?usp=sharing https://github.com/qerogram/BUG_WEB/tree/main/OpenSource/CVE-2021-45003 • CWE-276: Incorrect Default Permissions •