CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2022-2691 – SourceCodester Wedding Hall Booking System Profile Page cross site scripting
https://notcve.org/view.php?id=CVE-2022-2691
A vulnerability, which was classified as problematic, has been found in SourceCodester Wedding Hall Booking System. Affected by this issue is some unknown functionality of the file /whbs/?page=manage_account of the component Profile Page. The manipulation leads to cross site scripting. The attack may be launched remotely. • https://github.com/Jamison2022/Wedding-Hall-Booking-System/blob/main/WHBS-XSS.md https://vuldb.com/?id.205814 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2022-2690 – SourceCodester Wedding Hall Booking System Booking Form cross site scripting
https://notcve.org/view.php?id=CVE-2022-2690
A vulnerability classified as problematic was found in SourceCodester Wedding Hall Booking System. Affected by this vulnerability is an unknown functionality of the file /whbs/?page=my_bookings of the component Booking Form. The manipulation of the argument Remarks leads to cross site scripting. The attack can be launched remotely. • https://github.com/Jamison2022/Wedding-Hall-Booking-System/blob/main/WHBS-XSS.md https://vuldb.com/?id.205813 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2022-2689 – SourceCodester Wedding Hall Booking System Contact Page cross site scripting
https://notcve.org/view.php?id=CVE-2022-2689
A vulnerability classified as problematic has been found in SourceCodester Wedding Hall Booking System. Affected is an unknown function of the file /whbs/?page=contact_us of the component Contact Page. The manipulation of the argument Message leads to cross site scripting. It is possible to launch the attack remotely. • https://github.com/Jamison2022/Wedding-Hall-Booking-System/blob/main/WHBS-XSS.md https://vuldb.com/?id.205812 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2022-31342
https://notcve.org/view.php?id=CVE-2022-31342
Online Car Wash Booking System v1.0 is vulnerable to Delete any file via /ocwbs/classes/Master.php?f=delete_img. Online Car Wash Booking System v1.0, es vulnerable a la eliminación de cualquier archivo por medio del archivo /ocwbs/classes/Master.php?f=delete_img • https://github.com/k0xx11/bug_report/blob/main/vendors/oretnom23/online-car-wash-booking-system/delete-file-1.md •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-31343
https://notcve.org/view.php?id=CVE-2022-31343
Online Car Wash Booking System v1.0 is vulnerable to SQL Injection via /ocwbs/admin/?page=bookings/view_details&id=. Online Car Wash Booking System v1.0, es vulnerable a una Inyección SQL por medio del archivo /ocwbs/admin/?page=bookings/view_details&id= • https://github.com/k0xx11/bug_report/blob/main/vendors/oretnom23/online-car-wash-booking-system/SQLi-1.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •