SQL Injection Vulnerability in Laundry Booking Script by Freelance Developers
CVE-2017-17619

9.8CRITICAL

Key Information:

Vendor

Laundry Booking Script Project

Status
Laundry Booking Script
Vendor
CVE Published:
13 December 2017

What is CVE-2017-17619?

The Laundry Booking Script 1.0 is vulnerable to SQL Injection through the '/list city' parameter, allowing attackers to manipulate queries and potentially gain unauthorized access to the database. This flaw can lead to data leakage, unauthorized database modifications, or complete control over the backend database system. It is crucial for users of the Laundry Booking Script to implement security measures to mitigate this risk, including input validation and the use of prepared statements.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://www.exploit-db.com/exploits/43288/
exploitx_refsource_EXPLOIT-DB
https://packetstormsecurity.com/files/145328/Laundry-Book...
x_refsource_MISC
https://packetstormsecurity.com/files/145330/Laundry-Book...
x_refsource_MISC

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.