{"id":8044,"date":"2025-07-12T23:50:39","date_gmt":"2025-07-12T23:50:39","guid":{"rendered":"http:\/\/localhost\/?p=8044"},"modified":"2025-07-12T23:50:39","modified_gmt":"2025-07-12T23:50:39","slug":"code-projects-online-appointment-booking-system-getdayphp-sql-injection","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=8044","title":{"rendered":"code-projects Online Appointment Booking System getDay.php sql injection"},"content":{"rendered":"
\n

CVE Details<\/h2>\n
\n
\n

Basic Information<\/h3>\n\n\n\n\n\n
Title<\/th>\ncode-projects Online Appointment Booking System getDay.php sql injection<\/td>\n<\/tr>\n
Type<\/th>\ncve<\/td>\n<\/tr>\n
Published<\/th>\n2025-07-13T04:32:05.213Z<\/td>\n<\/tr>\n
Modified<\/th>\n2025-07-13T04:32:05.213Z<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

Product Information<\/h3>\n\n\n\n\n
Vendor<\/th>\ncode-projects<\/td>\n<\/tr>\n
Product<\/th>\nOnline Appointment Booking System<\/td>\n<\/tr>\n
Version<\/th>\n1.0<\/td>\n<\/tr>\n<\/table>\n<\/div>\n<\/div>\n
\n

CVSS Information<\/h3>\n\n\n\n
Base Score<\/th>\n6.9 (MEDIUM)<\/td>\n<\/tr>\n
Attack Vector<\/th>\nCVSS:4.0\/AV:N\/AC:L\/AT:N\/PR:N\/UI:N\/VC:L\/VI:L\/VA:L\/SC:N\/SI:N\/SA:N\/E:P<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

AI Analysis<\/h3>\n\n\n\n\n\n\n
AI Description<\/th>\nA critical SQL injection vulnerability exists in the getDay.php file of the Online Appointment Booking System 1.0. This vulnerability allows remote attackers to inject malicious SQL code via the cidval parameter, potentially leading to unauthorized data access and manipulation.<\/td>\n<\/tr>\n
AI Severity<\/th>\nMedium<\/td>\n<\/tr>\n
AI Vendor<\/th>\ncode-projects<\/td>\n<\/tr>\n
AI Product<\/th>\nOnline Appointment Booking System<\/td>\n<\/tr>\n
AI Version<\/th>\n1.0<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

Affected Products<\/h4>\n