Eventobot

2 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2025-40639 CRITICAL Act Now

SQL injection in Eventobot event management application allows unauthenticated attackers to perform complete database operations including data retrieval, creation, update, and deletion.

PHP SQLi Eventobot
NVD VulDB
CVSS 3.1
9.8
EPSS
0.0%
CVE-2025-40638 MEDIUM This Month

A reflected Cross-Site Scripting (XSS) vulnerability has been found in Eventobot. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending him/her a malicious URL using the 'name' parameter in '/search-results'. [CVSS 6.1 MEDIUM]

XSS Eventobot
NVD
CVSS 3.1
6.1
EPSS
0.0%
CVE-2025-40639
EPSS 0% CVSS 9.8
CRITICAL Act Now

SQL injection in Eventobot event management application allows unauthenticated attackers to perform complete database operations including data retrieval, creation, update, and deletion.

PHP SQLi Eventobot
NVD VulDB
CVE-2025-40638
EPSS 0% CVSS 6.1
MEDIUM This Month

A reflected Cross-Site Scripting (XSS) vulnerability has been found in Eventobot. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending him/her a malicious URL using the 'name' parameter in '/search-results'. [CVSS 6.1 MEDIUM]

XSS Eventobot
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy