Vulnerabilities > Salonbookingsystem > Salon Booking System > High

DATE	CVE	VULNERABILITY TITLE	RISK
2024-08-29	CVE-2024-39658	SQL Injection vulnerability in Salonbookingsystem Salon Booking System Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Salon Booking System Salon booking system allows SQL Injection.This issue affects Salon booking system: from n/a through 10.7. network low complexity salonbookingsystem CWE-89	7.2
2022-04-11	CVE-2022-0920	Unspecified vulnerability in Salonbookingsystem Salon Booking System The Salon booking system Free and Pro WordPress plugins before 7.6.3 do not have proper authorisation in some of its endpoints, which could allow customers to access all bookings and other customer's data network low complexity salonbookingsystem	7.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.