Search Results | AttackerKB

112 Total Results

Displaying 81-90 of 112

Attacker Value

Unknown

CVE-2022-28106

Disclosure Date: May 20, 2022 (last updated February 23, 2025)

Online Sports Complex Booking System v1.0 was discovered to allow attackers to take over user accounts via a crafted POST request.

Attacker Value

Unknown

CVE-2022-28105

Disclosure Date: May 20, 2022 (last updated February 23, 2025)

Online Sports Complex Booking System v1.0 was discovered to contain a blind SQL injection vulnerability via the id parameter in /scbs/view_facility.php.

Attack Vector: Network Privileges: None User Interaction: None

Attacker Value

Unknown

CVE-2022-29652

Disclosure Date: May 19, 2022 (last updated February 23, 2025)

Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/classes/Users.php?f=save_client.

Attack Vector: Network Privileges: None User Interaction: Required

Attacker Value

Unknown

CVE-2022-29304

Disclosure Date: May 19, 2022 (last updated February 23, 2025)

Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /classes/master.php?f=delete_ Facility.

Attack Vector: Network Privileges: Low User Interaction: None

Attacker Value

Unknown

CVE-2022-28962

Disclosure Date: May 19, 2022 (last updated February 23, 2025)

Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/classes/Users.php?f=delete_client.

Attack Vector: Network Privileges: None User Interaction: None

Attacker Value