Vulnerability Description
Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/classes/Users.php?f=delete_client.
CVSS Score
9.8
CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Online Sports Complex Booking System Project | Online Sports Complex Booking System | 1.0 |
Related Weaknesses (CWE)
References
- https://github.com/playZG/Exploit-/blob/main/Online%20Sports%20Complex%20Booking
- https://packetstormsecurity.com/files/166598/Online-Sports-Complex-Booking-SysteExploitThird Party AdvisoryVDB Entry
- https://github.com/playZG/Exploit-/blob/main/Online%20Sports%20Complex%20Booking
- https://packetstormsecurity.com/files/166598/Online-Sports-Complex-Booking-SysteExploitThird Party AdvisoryVDB Entry
FAQ
What is CVE-2022-28962?
CVE-2022-28962 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/classes/Users.php?f=delete_client.
How severe is CVE-2022-28962?
CVE-2022-28962 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2022-28962?
Check the references section above for vendor advisories and patch information. Affected products include: Online Sports Complex Booking System Project Online Sports Complex Booking System.