EUVD-2025-12638

ID: EUVD-2025-12638

Severity: critical

CVSS v4: 9.3 (CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N)

CVSS v3: Not provided

CWE: None listed

Source: ENISA

Description

SQL injection vulnerability in Bookgy. This vulnerability could allow an attacker to retrieve, create, update and delete databases by sending an HTTP request through the "IDTIPO", "IDPISTA" and "IDSOCIO" parameters in /bkg_seleccionar_hora_ajax.php.

Timestamps

Normalized: 2025-12-31T11:32:31Z UTC
Last updated: 2025-12-31T11:31:09Z UTC

References

No references provided.

VulnAI

EUVD-2025-12638

Description

Timestamps

References