CommonsBooking 漏洞列表

共找到 2 个与 CommonsBooking 相关的漏洞

📅 加载漏洞趋势中...

CVE-2022-0658: CommonsBooking < 2.6.8 - SQL Injection POC

日期: 2025-08-01 | 影响软件: CommonsBooking

The plugin does not sanitise and escape the location parameter of the calendar_data AJAX action (available to unauthenticated users) before it is used in dynamically constructed SQL queries, leading to an unauthenticated SQL injection.
CVE-2022-0658: CommonsBooking < 2.6.8 - SQL Injection POC

日期: 2025-08-01 | 影响软件: CommonsBooking

The plugin does not sanitise and escape the location parameter of the calendar_data AJAX action (available to unauthenticated users) before it is used in dynamically constructed SQL queries, leading to an unauthenticated SQL injection.