Vulnerabilities > Classroombookings
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-01-20 | CVE-2023-23012 | Cross-site Scripting vulnerability in Classroombookings 2.6.4 Cross Site Scripting (XSS) vulnerability in craigrodway classroombookings 2.6.4 allows attackers to execute arbitrary code or other unspecified impacts via the input bgcol in file Weeks.php. | 6.1 |
2020-12-14 | CVE-2020-35382 | SQL Injection vulnerability in Classroombookings SQL Injection in Classbooking before 2.4.1 via the username field of a CSV file when adding a new user. | 6.5 |