Vulnerabilities > Online Sports Complex Booking System Project > Online Sports Complex Booking System > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-20 | CVE-2022-28106 | Improper Authentication vulnerability in Online Sports Complex Booking System Project Online Sports Complex Booking System 1.0 Online Sports Complex Booking System v1.0 was discovered to allow attackers to take over user accounts via a crafted POST request. | 9.8 |
| 2022-05-20 | CVE-2022-28105 | SQL Injection vulnerability in Online Sports Complex Booking System Project Online Sports Complex Booking System 1.0 Online Sports Complex Booking System v1.0 was discovered to contain a blind SQL injection vulnerability via the id parameter in /scbs/view_facility.php. | 9.8 |
| 2022-05-19 | CVE-2022-28962 | SQL Injection vulnerability in Online Sports Complex Booking System Project Online Sports Complex Booking System 1.0 Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/classes/Users.php?f=delete_client. | 9.8 |
| 2022-05-12 | CVE-2022-29995 | SQL Injection vulnerability in Online Sports Complex Booking System Project Online Sports Complex Booking System 1.0 Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/admin/?page=clients/manage_client&id=. | 9.8 |
| 2022-05-12 | CVE-2022-29994 | SQL Injection vulnerability in Online Sports Complex Booking System Project Online Sports Complex Booking System 1.0 Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/admin/?page=facilities/manage_facility&id=. | 9.8 |
| 2022-05-12 | CVE-2022-29993 | SQL Injection vulnerability in Online Sports Complex Booking System Project Online Sports Complex Booking System 1.0 Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/admin/bookings/view_booking.php?id=. | 9.8 |
| 2022-05-12 | CVE-2022-29992 | SQL Injection vulnerability in Online Sports Complex Booking System Project Online Sports Complex Booking System 1.0 Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/admin/categories/manage_category.php?id=. | 9.8 |
| 2022-05-12 | CVE-2022-29990 | SQL Injection vulnerability in Online Sports Complex Booking System Project Online Sports Complex Booking System 1.0 Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/admin/categories/view_category.php?id=. | 9.8 |
| 2022-05-12 | CVE-2022-29989 | SQL Injection vulnerability in Online Sports Complex Booking System Project Online Sports Complex Booking System 1.0 Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via \scbs\classes\Master.php?f=delete_booking. | 9.8 |
| 2022-05-12 | CVE-2022-29988 | SQL Injection vulnerability in Online Sports Complex Booking System Project Online Sports Complex Booking System 1.0 Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via \scbs\classes\Master.php?f=delete. | 9.8 |