CVE-2016-20069 | dwbooster Booking Calendar Contact Form up to 1.0.23 Shortcode calendar sql injection (Exploit 39423 / EDB-39423)

Inserito da Angelo Barbosa | Giu 15, 2026 | CVE

A vulnerability was found in dwbooster Booking Calendar Contact Form up to 1.0.23 and classified as critical. This affects an unknown function of the component Shortcode Handler. Executing a manipulation of the argument calendar can lead to sql injection.

This vulnerability is handled as CVE-2016-20069. The attack can be executed remotely. Additionally, an exploit exists.

CVE-2016-20069 | dwbooster Booking Calendar Contact Form up to 1.0.23 Shortcode calendar sql injection (Exploit 39423 / EDB-39423)

Post correlati

CVE-2025-10827 | PHPJabbers Restaurant Menu Maker up to 1.1 /preview.php theme cross site scripting

CVE-2024-8996 | Grafana Agent Flow up to 0.43.1 on Windows Flow Mode unquoted search path

CVE-2024-57076 | ajax-request 1.2.3 lib.post prototype pollution

CVE-2024-20517 | Cisco RV042/RV042G/RV320/RV325 up to 4.2.3.14 heap-based overflow (cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV)