Medium severity5.3NVD Advisory· Published Oct 4, 2021· Updated Jun 17, 2026
CVE-2021-37331
CVE-2021-37331
Description
Laravel Booking System Booking Core 2.0 is vulnerable to Incorrect Access Control. On the Verifications page, after uploading an ID Card or Trade License and viewing it, ID Cards and Trade Licenses of other vendors/users can be viewed by changing the URL.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Laravel Booking System/Booking Coredescription
- Range: = 2.0
Patches
Vulnerability mechanics
References
1- www.navidkagalwalla.com/booking-core-vulnerabilitiesnvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.