CVE-2022-28094
https://notcve.org/view.php?id=CVE-2022-28094
SCBS Online Sports Venue Reservation System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the fid parameter at booking.php. Se ha detectado que SCBS Online Sports Venue Reservation System versión v1.0, contiene una vulnerabilidad de tipo cross-site scripting (XSS) por medio del parámetro fid en el archivo booking.php • http://scbs.com https://github.com/wkeyi0x1/vul-report/blob/main/SCBS%20online%20sports%20venue%20reservation%20system/SCBS%20online%20sports%20venue%20reservation%20system%20v1.0%20-%20Self-XSS.md https://www.sourcecodester.com/php/15236/online-sports-complex-booking-system-phpmysql-free-source-code.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2022-28093
https://notcve.org/view.php?id=CVE-2022-28093
SCBS Online Sports Venue Reservation System v1.0 was discovered to contain a local file inclusion vulnerability which allow attackers to execute arbitrary code via a crafted PHP file. Se ha detectado que SCBS Online Sports Venue Reservation System versión v1.0, contiene una vulnerabilidad de inclusión de archivos locales que permite a atacantes ejecutar código arbitrario por medio de un archivo PHP diseñado • http://scbs.com https://github.com/wkeyi0x1/vul-report/blob/main/SCBS%20online%20sports%20venue%20reservation%20system/SCBS%20online%20sports%20venue%20reservation%20system%20v1.0%20-%20File%20Inclusion.md https://www.sourcecodester.com/php/15236/online-sports-complex-booking-system-phpmysql-free-source-code.html •