← voltar
CVE-2024-2714

Campcodes Complete Online DJ Booking System booking-bwdates-reports-details.php sql injection

CVSS 6.3 MEDIUMEPSS 0.5%CWE-89
A vulnerability has been found in Campcodes Complete Online DJ Booking System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/booking-bwdates-reports-details.php. The manipulation of the argument fromdate leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-257467.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Produtos afetados
Campcodes · Complete Online DJ Booking System

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://github.com/E1CHO/cve_hub/blob/main/Complete%20Online%20DJ%20Booking%20System/Complete%20Online%20DJ%20Booking%20System%20-%20vuln%203.pdfhttps://vuldb.com/?ctiid.257467https://vuldb.com/?id.257467