CVE-2025-40617 | Bookgy HTTP Request bkg_seleccionar_hora_ajax.php IDTIPO/IDPISTA/IDSOCIO sql injection

A vulnerability, which was classified as critical, was found in Bookgy. Affected is an unknown function of the file /bkg_seleccionar_hora_ajax.php of the component HTTP Request Handler. The manipulation of the argument IDTIPO/IDPISTA/IDSOCIO leads to sql injection.

This vulnerability is traded as CVE-2025-40617. It is possible to launch the attack remotely. There is no exploit available.VulDB Recent EntriesRead More