Vulnerabilities > Online Sports Complex Booking System Project

DATE CVE VULNERABILITY TITLE RISK
2022-05-20 CVE-2022-28105 SQL Injection vulnerability in Online Sports Complex Booking System Project Online Sports Complex Booking System 1.0
Online Sports Complex Booking System v1.0 was discovered to contain a blind SQL injection vulnerability via the id parameter in /scbs/view_facility.php.
network
low complexity
online-sports-complex-booking-system-project CWE-89
critical
9.8
2022-05-20 CVE-2022-28106 Improper Authentication vulnerability in Online Sports Complex Booking System Project Online Sports Complex Booking System 1.0
Online Sports Complex Booking System v1.0 was discovered to allow attackers to take over user accounts via a crafted POST request.
network
low complexity
online-sports-complex-booking-system-project CWE-287
critical
9.8
2022-05-19 CVE-2022-28962 SQL Injection vulnerability in Online Sports Complex Booking System Project Online Sports Complex Booking System 1.0
Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/classes/Users.php?f=delete_client.
network
low complexity
online-sports-complex-booking-system-project CWE-89
critical
9.8
2022-05-19 CVE-2022-29304 SQL Injection vulnerability in Online Sports Complex Booking System Project Online Sports Complex Booking System 1.0
Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /classes/master.php?f=delete_ Facility.
8.8
2022-05-19 CVE-2022-29652 SQL Injection vulnerability in Online Sports Complex Booking System Project Online Sports Complex Booking System 1.0
Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/classes/Users.php?f=save_client.
6.1
2022-05-12 CVE-2022-29985 SQL Injection vulnerability in Online Sports Complex Booking System Project Online Sports Complex Booking System 1.0
Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via \scbs\classes\Master.php?f=delete_category.
network
low complexity
online-sports-complex-booking-system-project CWE-89
critical
9.8
2022-05-12 CVE-2022-29986 SQL Injection vulnerability in Online Sports Complex Booking System Project Online Sports Complex Booking System 1.0
Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via \scbs\classes\Master.php?f=delete_facility.
network
low complexity
online-sports-complex-booking-system-project CWE-89
critical
9.8
2022-05-12 CVE-2022-29987 SQL Injection vulnerability in Online Sports Complex Booking System Project Online Sports Complex Booking System 1.0
Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/admin/?page=user/manage_user&id=.
network
low complexity
online-sports-complex-booking-system-project CWE-89
critical
9.8
2022-05-12 CVE-2022-29988 SQL Injection vulnerability in Online Sports Complex Booking System Project Online Sports Complex Booking System 1.0
Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via \scbs\classes\Master.php?f=delete.
network
low complexity
online-sports-complex-booking-system-project CWE-89
critical
9.8
2022-05-12 CVE-2022-29989 SQL Injection vulnerability in Online Sports Complex Booking System Project Online Sports Complex Booking System 1.0
Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via \scbs\classes\Master.php?f=delete_booking.
network
low complexity
online-sports-complex-booking-system-project CWE-89
critical
9.8