CVSS: 9.8EPSS: 0%CPEs: 31EXPL: 1CVE-2008-4620 – Meeting Room Booking System (MRBS) < 1.4 - SQL Injection
https://notcve.org/view.php?id=CVE-2008-4620
21 Oct 2008 — SQL injection vulnerability in Meeting Room Booking System (MRBS) before 1.4 allows remote attackers to execute arbitrary SQL commands via the area parameter to (1) month.php, and possibly (2) day.php and (3) week.php. Vulnerabilidad de inyección SQL en Meeting Room Booking System (MRBS) versiones anteriores a v1.4 permite a atacantes remotos ejecutar comandos SQL de su elección mediante el parámetro "area" en (1) month.php, y posiblemente en (2) day.php y (3) week.php. • https://www.exploit-db.com/exploits/6781 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 4CVE-2007-6538 – MRBS 1.2.x - 'view_entry.php' SQL Injection
https://notcve.org/view.php?id=CVE-2007-6538
27 Dec 2007 — SQL injection vulnerability in ing/blocks/mrbs/code/web/view_entry.php in the MRBS plugin for Moodle allows remote attackers to execute arbitrary SQL commands via the id parameter. Una vulnerabilidad de inyección SQL en el archivo ing/blocks/mrbs/code/web/view_entry.php en el plugin MRBS para Moodle, permite a los atacantes remotos ejecutar comandos SQL arbitrarios por medio del parámetro id. • https://www.exploit-db.com/exploits/30921 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •