SQL injection vulnerability in Booking Calendar plugin 8.4.3 for WordPress allows remote attackers to execute arbitrary SQL commands via the booking_id parameter.
References
Link | Resource |
---|---|
http://packetstormsecurity.com/files/151692/WordPress-Booking-Calendar-8.4.3-SQL-Injection.html | Exploit VDB Entry Third Party Advisory |
https://gist.github.com/B0UG/a750c2c204825453e6faf898ea6d09f6 | |
https://vulners.com/exploitdb/EDB-ID:46377 | |
https://www.exploit-db.com/exploits/46377/ | Exploit Third Party Advisory VDB Entry |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2019-03-18T15:43:48
Updated: 2019-05-09T15:20:35
Reserved: 2018-12-28T00:00:00
Link: CVE-2018-20556
JSON object: View
NVD Information
Status : Modified
Published: 2019-03-21T16:00:36.217
Modified: 2019-05-09T16:29:00.467
Link: CVE-2018-20556
JSON object: View
Redhat Information
No data.
CWE