{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2025-40617","assignerOrgId":"0cbda920-cd7f-484a-8e76-bf7f4b7f4516","state":"PUBLISHED","assignerShortName":"INCIBE","dateReserved":"2025-04-16T08:38:07.129Z","datePublished":"2025-04-29T15:42:32.647Z","dateUpdated":"2025-04-29T16:17:03.869Z"},"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","product":"Bookgy","vendor":"Bookgy","versions":[{"status":"affected","version":"all versions"}]}],"credits":[{"lang":"en","type":"finder","value":"David Utón Amaya (m3n0sd0n4ld)"}],"datePublic":"2025-04-29T10:00:00.000Z","descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"SQL injection vulnerability in Bookgy. This vulnerability could allow an attacker to retrieve, create, update and delete databases by sending an HTTP request through the \"IDTIPO\", \"IDPISTA\" and \"IDSOCIO\" parameters in /bkg_seleccionar_hora_ajax.php."}],"value":"SQL injection vulnerability in Bookgy. This vulnerability could allow an attacker to retrieve, create, update and delete databases by sending an HTTP request through the \"IDTIPO\", \"IDPISTA\" and \"IDSOCIO\" parameters in /bkg_seleccionar_hora_ajax.php."}],"metrics":[{"cvssV4_0":{"Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","Safety":"NOT_DEFINED","attackComplexity":"LOW","attackRequirements":"NONE","attackVector":"NETWORK","baseScore":9.3,"baseSeverity":"CRITICAL","privilegesRequired":"NONE","providerUrgency":"NOT_DEFINED","subAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","userInteraction":"NONE","valueDensity":"NOT_DEFINED","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N","version":"4.0","vulnAvailabilityImpact":"HIGH","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnerabilityResponseEffort":"NOT_DEFINED"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-89","description":"CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"0cbda920-cd7f-484a-8e76-bf7f4b7f4516","shortName":"INCIBE","dateUpdated":"2025-04-29T15:42:32.647Z"},"references":[{"url":"https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-bookgy"}],"solutions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"The vulnerability has been fixed by the Bookgy team in October 2024 and are no longer exploitable today."}],"value":"The vulnerability has been fixed by the Bookgy team in October 2024 and are no longer exploitable today."}],"source":{"discovery":"EXTERNAL"},"title":"SQL injection vulnerability in Bookgy","x_generator":{"engine":"Vulnogram 0.2.0"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2025-04-29T16:16:52.751645Z","id":"CVE-2025-40617","options":[{"Exploitation":"none"},{"Automatable":"yes"},{"Technical Impact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-04-29T16:17:03.869Z"}}]}}