Skip to main content

Eventobot

2 CVEs product

Monthly

CVE-2025-40639 CRITICAL Act Now

SQL injection in Eventobot event management application allows unauthenticated attackers to perform complete database operations including data retrieval, creation, update, and deletion.

PHP SQLi Eventobot
NVD VulDB
CVSS 3.1
9.8
EPSS
0.0%
CVE-2025-40638 MEDIUM This Month

A reflected Cross-Site Scripting (XSS) vulnerability has been found in Eventobot. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending him/her a malicious URL using the 'name' parameter in '/search-results'. [CVSS 6.1 MEDIUM]

XSS Eventobot
NVD
CVSS 3.1
6.1
EPSS
0.0%
EPSS 0% CVSS 9.8
CRITICAL Act Now

SQL injection in Eventobot event management application allows unauthenticated attackers to perform complete database operations including data retrieval, creation, update, and deletion.

PHP SQLi Eventobot
NVD VulDB
EPSS 0% CVSS 6.1
MEDIUM This Month

A reflected Cross-Site Scripting (XSS) vulnerability has been found in Eventobot. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending him/her a malicious URL using the 'name' parameter in '/search-results'. [CVSS 6.1 MEDIUM]

XSS Eventobot
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy