Classroombookings
by Craig Rodway
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-35382 | Hig | 0.47 | 7.2 | 0.01 | Dec 14, 2020 | SQL Injection in Classbooking before 2.4.1 via the username field of a CSV file when adding a new user. | ||
| CVE-2023-23012 | Med | 0.40 | 6.1 | 0.00 | Jan 20, 2023 | Cross Site Scripting (XSS) vulnerability in craigrodway classroombookings 2.6.4 allows attackers to execute arbitrary code or other unspecified impacts via the input bgcol in file Weeks.php. | ||
| CVE-2024-9806 | Low | 0.23 | 3.5 | 0.00 | Oct 10, 2024 | A vulnerability has been found in Craig Rodway Classroombookings up to 2.8.6 and classified as problematic. This vulnerability affects unknown code of the file /rooms/fields of the component Room Page. The manipulation of the argument Name leads to cross site scripting. The… | ||
| CVE-2024-9807 | Low | 0.16 | 2.4 | 0.00 | Oct 10, 2024 | A vulnerability was found in Craig Rodway Classroombookings 2.8.7 and classified as problematic. This issue affects some unknown processing of the file /sessions of the component Session Page. The manipulation of the argument Name leads to cross site scripting. The attack may be… |
- risk 0.47cvss 7.2epss 0.01
SQL Injection in Classbooking before 2.4.1 via the username field of a CSV file when adding a new user.
- risk 0.40cvss 6.1epss 0.00
Cross Site Scripting (XSS) vulnerability in craigrodway classroombookings 2.6.4 allows attackers to execute arbitrary code or other unspecified impacts via the input bgcol in file Weeks.php.
- risk 0.23cvss 3.5epss 0.00
A vulnerability has been found in Craig Rodway Classroombookings up to 2.8.6 and classified as problematic. This vulnerability affects unknown code of the file /rooms/fields of the component Room Page. The manipulation of the argument Name leads to cross site scripting. The…
- risk 0.16cvss 2.4epss 0.00
A vulnerability was found in Craig Rodway Classroombookings 2.8.7 and classified as problematic. This issue affects some unknown processing of the file /sessions of the component Session Page. The manipulation of the argument Name leads to cross site scripting. The attack may be…