Show filters
96 Total Results
Displaying 71-80 of 96
Sort by:
Attacker Value
Unknown

CVE-2019-7554

Disclosure Date: June 06, 2019 (last updated November 27, 2024)
An issue was discovered in PHP Scripts Mall API Based Travel Booking 3.4.7. There is Reflected XSS via the flight-results.php d2 parameter.
0
0
Attacker Value
Unknown

CVE-2018-20556

Disclosure Date: March 21, 2019 (last updated November 27, 2024)
SQL injection vulnerability in Booking Calendar plugin 8.4.3 for WordPress allows remote attackers to execute arbitrary SQL commands via the booking_id parameter.
0
0
Attacker Value
Unknown

CVE-2019-9064

Disclosure Date: February 23, 2019 (last updated November 27, 2024)
PHP Scripts Mall Cab Booking Script 1.0.3 allows Directory Traversal into the parent directory of a jpg or png file.
0
0
Attacker Value
Unknown

CVE-2019-9066

Disclosure Date: February 23, 2019 (last updated November 27, 2024)
PHP Scripts Mall PHP Appointment Booking Script 3.0.3 allows HTML injection in a user profile.
0
0
Attacker Value
Unknown

CVE-2018-15191

Disclosure Date: August 10, 2018 (last updated November 27, 2024)
PHP Scripts Mall hotel-booking-script 2.0.4 allows remote attackers to cause a denial of service via crafted JavaScript code in the First Name, Last Name, or Address field.
0
0
Attacker Value
Unknown

CVE-2018-15190

Disclosure Date: August 10, 2018 (last updated November 27, 2024)
PHP Scripts Mall hotel-booking-script 2.0.4 allows XSS via the First Name, Last Name, or Address field.
0
0
Attacker Value
Unknown

CVE-2018-5672

Disclosure Date: January 13, 2018 (last updated November 26, 2024)
An issue was discovered in the booking-calendar plugin 2.1.7 for WordPress. XSS exists via the wp-admin/admin.php form_field5[label] parameter.
0
0
Attacker Value
Unknown

CVE-2018-5671

Disclosure Date: January 13, 2018 (last updated November 26, 2024)
An issue was discovered in the booking-calendar plugin 2.1.7 for WordPress. XSS exists via the wp-admin/admin.php extra_field1[items][field_item1][price_percent] parameter.
0
0
Attacker Value
Unknown

CVE-2018-5673

Disclosure Date: January 13, 2018 (last updated November 26, 2024)
An issue was discovered in the booking-calendar plugin 2.1.7 for WordPress. CSRF exists via wp-admin/admin.php.
0
0
Attacker Value
Unknown

CVE-2018-5670

Disclosure Date: January 13, 2018 (last updated November 26, 2024)
An issue was discovered in the booking-calendar plugin 2.1.7 for WordPress. XSS exists via the wp-admin/admin.php sale_conditions[count][] parameter.
0
0
View More Topics  < Previous  Next >