Vulnerabilities > Classroombookings > Classroombookings > 1.0.6

DATE CVE VULNERABILITY TITLE RISK
2020-12-14 CVE-2020-35382 SQL Injection vulnerability in Classroombookings
SQL Injection in Classbooking before 2.4.1 via the username field of a CSV file when adding a new user.
network
low complexity
classroombookings CWE-89
6.5
6.5