Online Sports Complex Booking System 1.0 Master.php sql injection

A vulnerability has been found in Online Sports Complex Booking System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file \scbs\classes\Master.php?f=delete_category. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Field05/12/2022 06:40 PM05/14/2022 06:19 PM
nameOnline Sports Complex Booking SystemOnline Sports Complex Booking System
version1.01.0
file\scbs\classes\Master.php?f=delete_category\scbs\classes\Master.php?f=delete_category
cwe89 (sql injection)89 (sql injection)
risk22
cvss3_vuldb_avNN
cvss3_vuldb_acLL
cvss3_vuldb_uiNN
cvss3_vuldb_sUU
cvss3_vuldb_cLL
cvss3_vuldb_iLL
cvss3_vuldb_aLL
cvss3_vuldb_rcRR
urlhttps://github.com/k0xx11/bug_report/blob/main/vendors/oretnom23/Online-Sports-Complex-Booking-System/SQLi-1.mdhttps://github.com/k0xx11/bug_report/blob/main/vendors/oretnom23/Online-Sports-Complex-Booking-System/SQLi-1.md
cveCVE-2022-29985CVE-2022-29985
cve_assigned16514424001651442400
date1652306400 (05/12/2022)1652306400 (05/12/2022)
cvss2_vuldb_avNN
cvss2_vuldb_acLL
cvss2_vuldb_ciPP
cvss2_vuldb_iiPP
cvss2_vuldb_aiPP
cvss2_vuldb_rcURUR
cvss2_vuldb_auSS
cvss2_vuldb_eNDND
cvss2_vuldb_rlNDND
cvss3_vuldb_prLL
cvss3_vuldb_eXX
cvss3_vuldb_rlXX
cvss2_vuldb_basescore6.56.5
cvss2_vuldb_tempscore6.26.2
cvss3_vuldb_basescore6.36.3
cvss3_vuldb_tempscore6.16.1
cvss3_meta_basescore6.36.3
cvss3_meta_tempscore6.16.1
price_0day$0-$5k$0-$5k
cve_nvd_summaryOnline Sports Complex Booking System 1.0 is vulnerable to SQL Injection via \scbs\classes\Master.php?f=delete_category.

Want to stay up to date on a daily basis?

Enable the mail alert feature now!