Lucene search

Hotels Server Security Vulnerabilities

cve

CVE-2021-33948

SQL injection vulnerability in FantasticLBP Hotels Server v1.0 allows attacker to execute arbitrary code via the username...

9.8CVSS

9.8AI Score

0.002EPSS

2023-02-17 06:15 PM

cve

CVE-2020-18102

Cross Site Scripting (XSS) in Hotels_Server v1.0 allows remote attackers to execute arbitrary code by injecting crafted commands the data fields in the component...

6.1CVSS

7.4AI Score

0.003EPSS

2021-05-10 08:15 PM

cve

CVE-2019-8393

Hotels_Server through 2018-11-05 has SQL Injection via the API because the controller/api/login.php telephone parameter is...

9.8CVSS

8.9AI Score

0.002EPSS

2019-02-17 03:29 PM

cve

CVE-2019-7648

controller/fetchpwd.php and controller/doAction.php in Hotels_Server through 2018-11-05 rely on base64 in an attempt to protect password...

7.5CVSS

7.5AI Score

0.006EPSS

2019-02-08 05:29 PM

cve

CVE-2019-6497

Hotels_Server through 2018-11-05 has SQL Injection via the controller/fetchpwd.php username...

9.8CVSS

8.8AI Score

0.002EPSS

2019-01-20 08:29 PM