SQL Injection Vulnerability in Salon Booking System
CVE-2024-39658

7.2HIGH

Key Information:

Vendor: WordPress
Status: Salon Booking System
Vendor: CVE Published:; 29 August 2024

What is CVE-2024-39658?

The Salon Booking System is susceptible to an SQL Injection vulnerability due to improper neutralization of special elements in SQL commands. This flaw allows unauthorized users to manipulate SQL queries, potentially leading to data leakage or corruption. This vulnerability affects versions ranging from n/a through 10.7. Users of the Salon Booking System must implement corrective measures to mitigate risks associated with this security issue.

Affected Version(s)

Salon booking system <= 10.7

References

https://patchstack.com/database/vulnerability/salon-booki...

vdb-entry

CVSS V3.1

Score:

7.2

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 29, 2024
Vulnerability Reserved
Jun 26, 2024

Credit

justakazh (Patchstack Alliance)

WordPress

What is CVE-2024-39658?

Affected Version(s)

References

CVSS V3.1

Timeline

Credit