CVE Details
Basic Information
| Title | Campcodes Complete Online DJ Booking System booking-search.php sql injection |
|---|---|
| Type | cve |
| Published | 2024-03-20T19:00:07.213Z |
| Modified | 2024-08-01T19:25:40.553Z |
Product Information
| Vendor | Campcodes |
|---|---|
| Product | Complete Online DJ Booking System |
| Version | 1.0 |
CVSS Information
| Base Score | 6.3 (MEDIUM) |
|---|---|
| Attack Vector | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L |
AI Analysis
| AI Description | A SQL injection vulnerability was discovered in the booking-search.php file of Campcodes Complete Online DJ Booking System 1.0. This vulnerability allows remote attackers to inject malicious SQL code, potentially leading to data extraction or system compromise. |
|---|---|
| AI Severity | Medium |
| AI Vendor | Campcodes |
| AI Product | Complete Online DJ Booking System |
| AI Version | 1.0 |
Affected Products
- Campcodes Complete Online DJ Booking System 1.0
Additional Information
| CWE List | CWE-89 |
|---|---|
| Source | VulDB |
Description
A vulnerability, which was classified as critical, was found in Campcodes Complete Online DJ Booking System 1.0. Affected is an unknown function of the file /admin/booking-search.php. The manipulation of the argument searchdata leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-257466 is the identifier assigned to this vulnerability.