Search
Find a vulnerability
Search criteria
2 vulnerabilities found for bookme by bylancer
CVE-2018-8737 (GCVE-0-2018-8737)
Vulnerability from nvd – Published: 2018-03-17 13:00 – Updated: 2024-08-05 07:02
VLAI
Summary
Bookme Control Panel 2.0 Application is vulnerable to stored XSS within the Customers "Book Me" function. Within the Name and Note (aka custName and custNote) sections of the Customers screen, the application does not sanitize user-supplied input and renders injected JavaScript code to the user's browser.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://neetech18.blogspot.in/2018/03/stored-xss-… | x_refsource_MISC |
Date Public
2018-03-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:02:26.032Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://neetech18.blogspot.in/2018/03/stored-xss-vulnerability-in-bookme_17.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-03-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Bookme Control Panel 2.0 Application is vulnerable to stored XSS within the Customers \"Book Me\" function. Within the Name and Note (aka custName and custNote) sections of the Customers screen, the application does not sanitize user-supplied input and renders injected JavaScript code to the user\u0027s browser."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-03-17T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://neetech18.blogspot.in/2018/03/stored-xss-vulnerability-in-bookme_17.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-8737",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Bookme Control Panel 2.0 Application is vulnerable to stored XSS within the Customers \"Book Me\" function. Within the Name and Note (aka custName and custNote) sections of the Customers screen, the application does not sanitize user-supplied input and renders injected JavaScript code to the user\u0027s browser."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://neetech18.blogspot.in/2018/03/stored-xss-vulnerability-in-bookme_17.html",
"refsource": "MISC",
"url": "https://neetech18.blogspot.in/2018/03/stored-xss-vulnerability-in-bookme_17.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-8737",
"datePublished": "2018-03-17T13:00:00.000Z",
"dateReserved": "2018-03-15T00:00:00.000Z",
"dateUpdated": "2024-08-05T07:02:26.032Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8737 (GCVE-0-2018-8737)
Vulnerability from cvelistv5 – Published: 2018-03-17 13:00 – Updated: 2024-08-05 07:02
VLAI
Summary
Bookme Control Panel 2.0 Application is vulnerable to stored XSS within the Customers "Book Me" function. Within the Name and Note (aka custName and custNote) sections of the Customers screen, the application does not sanitize user-supplied input and renders injected JavaScript code to the user's browser.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://neetech18.blogspot.in/2018/03/stored-xss-… | x_refsource_MISC |
Date Public
2018-03-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:02:26.032Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://neetech18.blogspot.in/2018/03/stored-xss-vulnerability-in-bookme_17.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-03-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Bookme Control Panel 2.0 Application is vulnerable to stored XSS within the Customers \"Book Me\" function. Within the Name and Note (aka custName and custNote) sections of the Customers screen, the application does not sanitize user-supplied input and renders injected JavaScript code to the user\u0027s browser."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-03-17T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://neetech18.blogspot.in/2018/03/stored-xss-vulnerability-in-bookme_17.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-8737",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Bookme Control Panel 2.0 Application is vulnerable to stored XSS within the Customers \"Book Me\" function. Within the Name and Note (aka custName and custNote) sections of the Customers screen, the application does not sanitize user-supplied input and renders injected JavaScript code to the user\u0027s browser."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://neetech18.blogspot.in/2018/03/stored-xss-vulnerability-in-bookme_17.html",
"refsource": "MISC",
"url": "https://neetech18.blogspot.in/2018/03/stored-xss-vulnerability-in-bookme_17.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-8737",
"datePublished": "2018-03-17T13:00:00.000Z",
"dateReserved": "2018-03-15T00:00:00.000Z",
"dateUpdated": "2024-08-05T07:02:26.032Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}