Bookgy

5 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2025-40619 CRITICAL Act Now

Bookgy does not provide for proper authorisation control in multiple areas of the application. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Bookgy
NVD
CVSS 4.0
9.3
EPSS
0.2%
CVE-2025-40618 CRITICAL Act Now

SQL injection vulnerability in Bookgy. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP SQLi Bookgy
NVD
CVSS 4.0
9.3
EPSS
0.2%
CVE-2025-40617 CRITICAL Act Now

SQL injection vulnerability in Bookgy. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP SQLi Bookgy
NVD
CVSS 4.0
9.3
EPSS
0.2%
CVE-2025-40616 MEDIUM This Month

Reflected Cross-Site Scripting (XSS) vulnerability in Bookgy. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP XSS Bookgy
NVD
CVSS 4.0
5.1
EPSS
0.2%
CVE-2025-40615 MEDIUM This Month

Reflected Cross-Site Scripting (XSS) vulnerability in Bookgy. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP XSS Bookgy
NVD
CVSS 4.0
5.1
EPSS
0.2%
CVE-2025-40619
EPSS 0% CVSS 9.3
CRITICAL Act Now

Bookgy does not provide for proper authorisation control in multiple areas of the application. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Bookgy
NVD
CVE-2025-40618
EPSS 0% CVSS 9.3
CRITICAL Act Now

SQL injection vulnerability in Bookgy. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP SQLi Bookgy
NVD
CVE-2025-40617
EPSS 0% CVSS 9.3
CRITICAL Act Now

SQL injection vulnerability in Bookgy. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP SQLi Bookgy
NVD
CVE-2025-40616
EPSS 0% CVSS 5.1
MEDIUM This Month

Reflected Cross-Site Scripting (XSS) vulnerability in Bookgy. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP XSS Bookgy
NVD
CVE-2025-40615
EPSS 0% CVSS 5.1
MEDIUM This Month

Reflected Cross-Site Scripting (XSS) vulnerability in Bookgy. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP XSS Bookgy
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy