Описание
SQL injection vulnerability in Bookgy. This vulnerability could allow an attacker to retrieve, create, update and delete databases by sending an HTTP request through the "IDTIPO", "IDPISTA" and "IDSOCIO" parameters in /bkg_seleccionar_hora_ajax.php.
Ссылки
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:bookgy:bookgy:-:*:*:*:*:*:*:*
EPSS
Процентиль: 19%
0.00061
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-89
Связанные уязвимости
CVSS3: 9.8
github
9 месяцев назад
SQL injection vulnerability in Bookgy. This vulnerability could allow an attacker to retrieve, create, update and delete databases by sending an HTTP request through the "IDTIPO", "IDPISTA" and "IDSOCIO" parameters in /bkg_seleccionar_hora_ajax.php.
EPSS
Процентиль: 19%
0.00061
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-89