Skip to main content

Online Sports Complex Booking System

17 CVEs product

Monthly

CVE-2022-28106 CRITICAL POC Act Now

Online Sports Complex Booking System v1.0 was discovered to allow attackers to take over user accounts via a crafted POST request. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Online Sports Complex Booking System
NVD
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-28105 CRITICAL POC Act Now

Online Sports Complex Booking System v1.0 was discovered to contain a blind SQL injection vulnerability via the id parameter in /scbs/view_facility.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Sports Complex Booking System
NVD
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-29652 MEDIUM POC This Month

Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/classes/Users.php?f=save_client. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Sports Complex Booking System
NVD GitHub
CVSS 3.1
6.1
EPSS
0.8%
CVE-2022-29304 HIGH POC This Week

Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /classes/master.php?f=delete_ Facility. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Sports Complex Booking System
NVD GitHub
CVSS 3.1
8.8
EPSS
0.8%
CVE-2022-28962 CRITICAL POC Act Now

Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/classes/Users.php?f=delete_client. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Sports Complex Booking System
NVD GitHub
CVSS 3.1
9.8
EPSS
1.6%
CVE-2022-29995 CRITICAL POC Act Now

Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/admin/?page=clients/manage_client&id=. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Online Sports Complex Booking System
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-29994 CRITICAL POC Act Now

Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/admin/?page=facilities/manage_facility&id=. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Online Sports Complex Booking System
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-29993 CRITICAL POC Act Now

Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/admin/bookings/view_booking.php?id=. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Sports Complex Booking System
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-29992 CRITICAL POC Act Now

Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/admin/categories/manage_category.php?id=. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Sports Complex Booking System
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-29990 CRITICAL POC Act Now

Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/admin/categories/view_category.php?id=. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Sports Complex Booking System
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-29989 CRITICAL POC Act Now

Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via \scbs\classes\Master.php?f=delete_booking. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Sports Complex Booking System
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-29988 CRITICAL POC Act Now

Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via \scbs\classes\Master.php?f=delete. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Sports Complex Booking System
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-29987 CRITICAL POC Act Now

Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/admin/?page=user/manage_user&id=. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Online Sports Complex Booking System
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-29986 CRITICAL POC Act Now

Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via \scbs\classes\Master.php?f=delete_facility. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Sports Complex Booking System
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-29985 CRITICAL POC Act Now

Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via \scbs\classes\Master.php?f=delete_category. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Sports Complex Booking System
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-28094 MEDIUM POC This Month

SCBS Online Sports Venue Reservation System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the fid parameter at booking.php. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Online Sports Complex Booking System
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.9%
CVE-2022-28093 CRITICAL POC Act Now

SCBS Online Sports Venue Reservation System v1.0 was discovered to contain a local file inclusion vulnerability which allow attackers to execute arbitrary code via a crafted PHP file. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE PHP Online Sports Complex Booking System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
2.2%
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

Online Sports Complex Booking System v1.0 was discovered to allow attackers to take over user accounts via a crafted POST request. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Online Sports Complex Booking System
NVD
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

Online Sports Complex Booking System v1.0 was discovered to contain a blind SQL injection vulnerability via the id parameter in /scbs/view_facility.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Sports Complex Booking System
NVD
EPSS 1% CVSS 6.1
MEDIUM POC This Month

Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/classes/Users.php?f=save_client. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Sports Complex Booking System
NVD GitHub
EPSS 1% CVSS 8.8
HIGH POC This Week

Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /classes/master.php?f=delete_ Facility. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Sports Complex Booking System
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/classes/Users.php?f=delete_client. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Sports Complex Booking System
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/admin/?page=clients/manage_client&id=. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Online Sports Complex Booking System
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/admin/?page=facilities/manage_facility&id=. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Online Sports Complex Booking System
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/admin/bookings/view_booking.php?id=. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Sports Complex Booking System
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/admin/categories/manage_category.php?id=. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Sports Complex Booking System
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/admin/categories/view_category.php?id=. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Sports Complex Booking System
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via \scbs\classes\Master.php?f=delete_booking. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Sports Complex Booking System
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via \scbs\classes\Master.php?f=delete. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Sports Complex Booking System
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/admin/?page=user/manage_user&id=. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Online Sports Complex Booking System
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via \scbs\classes\Master.php?f=delete_facility. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Sports Complex Booking System
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via \scbs\classes\Master.php?f=delete_category. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Sports Complex Booking System
NVD GitHub
EPSS 1% CVSS 6.1
MEDIUM POC This Month

SCBS Online Sports Venue Reservation System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the fid parameter at booking.php. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Online Sports Complex Booking System
NVD GitHub VulDB
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

SCBS Online Sports Venue Reservation System v1.0 was discovered to contain a local file inclusion vulnerability which allow attackers to execute arbitrary code via a crafted PHP file. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE PHP Online Sports Complex Booking System
NVD GitHub VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy