浏览 131+ 条来自 NVD 与 CNNVD 的 CVE 漏洞,配 AI 中文翻译、AI POC 生成、每日情报;可按厂商、产品、严重等级、CWE 检索。
| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-6376 | Missing authentication for critical function in SpiceJet Online Booking System | SpiceJet | Online Booking System | - | - | 2026-04-23 20:10:20 | Deep Dive |
| CVE-2026-6375 | Authorization bypass through User-Controlled key in SpiceJet Online Booking System | SpiceJet | Online Booking System | - | - | 2026-04-23 20:07:24 | Deep Dive |
| CVE-2026-2519 | Online Scheduling and Appointment Booking System – Bookly <= 27.0 - Unauthenticated Price Manipulation via 'tips' | ladela | Online Scheduling and Appointment Booking System – Bookly | Medium | 5.3 | 2026-04-09 12:28:06 | Deep Dive |
| CVE-2026-5705 | code-projects Online Hotel Booking Booking Endpoint booknow.php cross site scripting | code-projects | Online Hotel Booking | Medium | 4.3 | 2026-04-06 23:30:12 | Deep Dive |
| CVE-2025-14939 | code-projects Online Appointment Booking System deletemanager.php sql injection | code-projects | Online Appointment Booking System | Medium | 4.7 | 2025-12-19 04:02:06 | Deep Dive |
| CVE-2025-14833 | code-projects Online Appointment Booking System deletemanagerclinic.php sql injection | code-projects | Online Appointment Booking System | High | 7.3 | 2025-12-17 22:32:07 | Deep Dive |
| CVE-2025-67559 | WordPress Online Booking & Scheduling Calendar for WordPress by vcita plugin <= 4.5.5 - Broken Access Control vulnerability | vcita | Online Booking & Scheduling Calendar for WordPress by vcita | Medium | 5.4 | 2025-12-09 14:14:09 | Deep Dive |
| CVE-2025-67472 | WordPress Online Booking & Scheduling Calendar for WordPress by vcita plugin <= 4.5.5 - Cross Site Request Forgery (CSRF) vulnerability | vcita | Online Booking & Scheduling Calendar for WordPress by vcita | Medium | 4.3 | 2025-12-09 14:13:57 | Deep Dive |
| CVE-2025-13385 | Bookme <= 4.2 - Authenticated (Admin+) SQL Injection via 'filter[status]' Parameter | bylancer | Bookme – Free Online Appointment Booking and Scheduling Plugin | Medium | 4.9 | 2025-11-25 07:28:27 | Deep Dive |
| CVE-2025-58661 | WordPress eZee Online Hotel Booking Engine Plugin <= 1.0.0 - Cross Site Scripting (XSS) Vulnerability | eZee Technosys | eZee Online Hotel Booking Engine | Medium | 5.9 | 2025-09-22 18:23:02 | Deep Dive |
| CVE-2025-54677 | WordPress Online Booking & Scheduling Calendar for WordPress by vcita Plugin <= 4.5.3 - Arbitrary File Upload Vulnerability | vcita | Online Booking & Scheduling Calendar for WordPress by vcita | Critical | 9.1 | 2025-08-20 08:02:52 | Deep Dive |
| CVE-2025-8960 | Campcodes Online Flight Booking Management System save_airlines.php sql injection | Campcodes | Online Flight Booking Management System | High | 7.3 | 2025-08-14 11:32:10 | Deep Dive |
| CVE-2025-54676 | WordPress Online Booking & Scheduling Calendar for by vcita Plugin plugin <= 4.5.3 - Cross Site Scripting (XSS) Vulnerability | vcita | Online Booking & Scheduling Calendar for WordPress by vcita | Medium | 6.5 | 2025-08-14 10:34:42 | Deep Dive |
| CVE-2025-8957 | Campcodes Online Flight Booking Management System flights.php sql injection | Campcodes | Online Flight Booking Management System | High | 7.3 | 2025-08-14 10:32:10 | Deep Dive |
| CVE-2025-8952 | Campcodes Online Flight Booking Management System Login ajax.php sql injection | Campcodes | Online Flight Booking Management System | High | 7.3 | 2025-08-14 08:32:09 | Deep Dive |
| CVE-2025-7927 | PHPGurukul Online Banquet Booking System view-user-queries.php sql injection | PHPGurukul | Online Banquet Booking System | Medium | 6.3 | 2025-07-21 14:32:06 | Deep Dive |
| CVE-2025-7926 | PHPGurukul Online Banquet Booking System booking-search.php cross site scripting | PHPGurukul | Online Banquet Booking System | Low | 3.5 | 2025-07-21 13:32:07 | Deep Dive |
| CVE-2025-7925 | PHPGurukul Online Banquet Booking System login.php cross site scripting | PHPGurukul | Online Banquet Booking System | Medium | 4.3 | 2025-07-21 12:32:07 | Deep Dive |
| CVE-2025-7924 | PHPGurukul Online Banquet Booking System admin-profile.php cross site scripting | PHPGurukul | Online Banquet Booking System | Low | 3.5 | 2025-07-21 11:02:08 | Deep Dive |
| CVE-2025-7765 | code-projects Online Appointment Booking System addmanagerclinic.php sql injection | code-projects | Online Appointment Booking System | High | 7.3 | 2025-07-17 22:44:07 | Deep Dive |