Vulnerabilities > Roosty

DATE	CVE	VULNERABILITY TITLE	RISK
2021-08-23	CVE-2021-24555	SQL Injection vulnerability in Roosty Diary-Availability-Calendar 1.0.1/1.0.2/1.0.3 The daac_delete_booking_callback function, hooked to the daac_delete_booking AJAX action, takes the id POST parameter which is passed into the SQL statement without proper sanitisation, validation or escaping, leading to a SQL Injection issue. network low complexity roosty CWE-89	8.8

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.

Vulnerabilities > Roosty {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Roosty"}]}

Vulnerabilities > Roosty