Commotion Course Booking System vulnerabilities
3 known vulnerabilities affecting commotion/course_booking_system.
Total CVEs
3
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2025-22785P2CRITICALCVSS 9.3PoC≤ 6.0.62025-01-15
CVE-2025-22785 [CRITICAL] CWE-89 CVE-2025-22785: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ComMotion Course Booking System course-booking-system allows SQL Injection.This issue affects Course Booking System: from n/a through <= 6.0.6.
nvd
CVE-2025-32253P4MEDIUMCVSS 5.3≤ 6.12025-04-04
CVE-2025-32253 [MEDIUM] CWE-862 CVE-2025-32253: Missing Authorization vulnerability in ComMotion Course Booking System course-booking-system allows
Missing Authorization vulnerability in ComMotion Course Booking System course-booking-system allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Course Booking System: from n/a through <= 6.1.
nvd
CVE-2025-32508P4HIGHCVSS 7.1≤ 6.1.22025-04-17
CVE-2025-32508 [HIGH] CWE-79 CVE-2025-32508: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ComMotion Course Booking System course-booking-system allows Reflected XSS.This issue affects Course Booking System: from n/a through <= 6.1.2.
nvd