Badminton Center Management System Project Badminton Center Management System — known CVE vulnerabilities
Every CVE whose affected-product data names Badminton Center Management System Project Badminton Center Management System, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (22)
CVE-2022-30455 — CVSS 9.8 (critical): Badminton Center Management System 1.0 is vulnerable to SQL Injection via /bcms/classes/Master.php?f=delete_court_rental, id.
CVE-2022-31993 — CVSS 9.8 (critical): Badminton Center Management System v1.0 is vulnerable to SQL Injection via /bcms/classes/Master.php?f=delete_service.
CVE-2022-32002 — CVSS 9.8 (critical): Badminton Center Management System v1.0 is vulnerable to SQL Injection via /bcms/admin/courts/manage_court.php?id=.
CVE-2022-30490 — CVSS 9.8 (critical): Badminton Center Management System V1.0 is vulnerable to SQL Injection via parameter 'id' in /bcms/admin/court_rentals/update_status.php.
CVE-2022-31989 — CVSS 9.8 (critical): Badminton Center Management System v1.0 is vulnerable to SQL Injection via /bcms/admin/?page=user/manage_user&id=.
CVE-2022-31990 — CVSS 9.8 (critical): Badminton Center Management System v1.0 is vulnerable to SQL Injection via bcms/classes/Master.php?f=delete_product.
CVE-2022-31991 — CVSS 9.8 (critical): Badminton Center Management System v1.0 is vulnerable to SQL Injection via bcms/classes/Master.php?f=delete_court.
CVE-2022-31998 — CVSS 7.2 (high): Badminton Center Management System v1.0 is vulnerable to SQL Injection via /bcms/admin/?page=service_transactions/view_details&id=.
CVE-2022-32000 — CVSS 7.2 (high): Badminton Center Management System v1.0 is vulnerable to SQL Injection via /bcms/admin/?page=service_transactions/manage_service_transaction…
CVE-2022-32001 — CVSS 7.2 (high): Badminton Center Management System v1.0 is vulnerable to SQL Injection via bcms/admin/products/view_product.php?id=.
CVE-2022-32006 — CVSS 7.2 (high): Badminton Center Management System v1.0 is vulnerable to SQL Injection via /bcms/admin/services/view_service.php?id=.
CVE-2022-31985 — CVSS 7.2 (high): Badminton Center Management System v1.0 is vulnerable to SQL Injection via /bcms/admin/?page=reports/daily_sales_report&date=.
CVE-2022-31986 — CVSS 7.2 (high): Badminton Center Management System v1.0 is vulnerable to SQL Injection via /bcms/admin/?page=reports/daily_court_rental_report&date=.
CVE-2022-31988 — CVSS 7.2 (high): Badminton Center Management System v1.0 is vulnerable to SQL Injection via bcms/admin/?page=reports/daily_services_report&date=.
CVE-2022-31992 — CVSS 7.2 (high): Badminton Center Management System v1.0 is vulnerable to SQL Injection via /bcms/admin/?page=court_rentals/view_court_rental&id=.
CVE-2022-31994 — CVSS 7.2 (high): Badminton Center Management System v1.0 is vulnerable to SQL Injection via /bcms/admin/?page=sales/view_details&id.
CVE-2022-31996 — CVSS 7.2 (high): Badminton Center Management System v1.0 is vulnerable to SQL Injection via bcms/admin/?page=sales/manage_sale&id=.
CVE-2022-32004 — CVSS 7.2 (high): Badminton Center Management System v1.0 is vulnerable to SQL Injection via bcms/admin/products/manage_product.php?id=.
CVE-2022-32005 — CVSS 7.2 (high): Badminton Center Management System v1.0 is vulnerable to SQL Injection via bcms/admin/services/manage_service.php?id=.
CVE-2022-32003 — CVSS 7.2 (high): Badminton Center Management System v1.0 is vulnerable to SQL Injection via /bcms/admin/courts/view_court.php?id=.
CVE-2022-30456 — CVSS 5.4 (medium): Badminton Center Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via /bcms/classes/Master.php?f=save_court_rental.
CVE-2022-1817 — CVSS 3.5 (low): A vulnerability, which was classified as problematic, was found in Badminton Center Management System. This affects the userlist module at…