Lucene search
+L

56 matches found

EUVD
EUVD
added last week6 views

EUVD-2026-43216

A flaw has been found in AMTT Hotel Broadband Operation System 1.0. Impacted is an unknown function of the file manager/network/switchstatus.php. Executing a manipulation of the argument ID can lead to sql injection. It is possible to launch the attack remotely. The exploit has been published and...

5.8CVSS6AI score0.00202EPSS
Exploits0References5
CVE
CVE
added last week17 views

CVE-2026-15494

AMTT Hotel Broadband Operation System 1.0 contains a SQL injection flaw in an unknown function of file manager/network/switch_status.php. Manipulating the argument ID remotely can lead to SQL injection. An exploit has been published and may be used; vendor contact occurred with no response. Docum...

5.8CVSS6AI score0.00202EPSS
Exploits0References5
Cvelist
Cvelist
added last week35 views

CVE-2026-15494 AMTT Hotel Broadband Operation System switch_status.php sql injection

A flaw has been found in AMTT Hotel Broadband Operation System 1.0. Impacted is an unknown function of the file manager/network/switchstatus.php. Executing a manipulation of the argument ID can lead to sql injection. It is possible to launch the attack remotely. The exploit has been published and...

5.8CVSS0.00202EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/05/04 8:21 p.m.9 views

CVE-2026-7697

A vulnerability was determined in AMTT Hotel Broadband Operation System 1.0. Affected is an unknown function of the file /manager/card/cardhandsubmit.php. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly...

5.8CVSS5.6AI score0.00206EPSS
Exploits0References1
NVD
NVD
added 2026/05/03 2:16 p.m.26 views

CVE-2026-7697

A vulnerability was determined in AMTT Hotel Broadband Operation System 1.0. Affected is an unknown function of the file /manager/card/cardhandsubmit.php. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly...

5.8CVSS0.00206EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/03 1:15 p.m.47 views

CVE-2026-7697 AMTT Hotel Broadband Operation System cardhand_submit.php sql injection

A vulnerability was determined in AMTT Hotel Broadband Operation System 1.0. Affected is an unknown function of the file /manager/card/cardhandsubmit.php. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly...

5.8CVSS0.00206EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/03 12:0 a.m.12 views

PT-2026-36700

A vulnerability was determined in AMTT Hotel Broadband Operation System 1.0. Affected is an unknown function of the file /manager/card/cardhand submit.php. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly...

5.8CVSS5.6AI score0.00206EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/01/09 9:34 a.m.7 views

CVE-2024-41476

AMTT Hotel Broadband Operation System HiBOS V3.0.3.151204 and before is vulnerable to SQL Injection via /manager/card/carddetail.php...

9.8CVSS9.8AI score0.006EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:33 a.m.8 views

CVE-2024-39072

AMTT Hotel Broadband Operation System HiBOS v3.0.3.151204 is vulnerable to SQL injection via manager/conference/calendarremind.php...

5.5CVSS6AI score0.00396EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/08 9:13 p.m.13 views

CVE-2025-14090

A security flaw has been discovered in AMTT Hotel Broadband Operation System 1.0. This affects an unknown part of the file /manager/card/cardmakedown.php. Performing manipulation of the argument ID results in sql injection. It is possible to initiate the attack remotely. The exploit has been...

7.2CVSS6.8AI score0.00294EPSS
Exploits1References1
EUVD
EUVD
added 2025/12/05 3:32 p.m.6 views

EUVD-2025-201425

A security flaw has been discovered in AMTT Hotel Broadband Operation System 1.0. This affects an unknown part of the file /manager/card/cardmakedown.php. Performing manipulation of the argument ID results in sql injection. It is possible to initiate the attack remotely. The exploit has been...

5.8CVSS6.3AI score0.00294EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/12/05 3:32 p.m.3 views

CVE-2025-14090 AMTT Hotel Broadband Operation System cardmake_down.php sql injection

A security flaw has been discovered in AMTT Hotel Broadband Operation System 1.0. This affects an unknown part of the file /manager/card/cardmakedown.php. Performing manipulation of the argument ID results in sql injection. It is possible to initiate the attack remotely. The exploit has been...

5.8CVSS6.5AI score0.00294EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/12/05 3:32 p.m.33 views

CVE-2025-14090 AMTT Hotel Broadband Operation System cardmake_down.php sql injection

A security flaw has been discovered in AMTT Hotel Broadband Operation System 1.0. This affects an unknown part of the file /manager/card/cardmakedown.php. Performing manipulation of the argument ID results in sql injection. It is possible to initiate the attack remotely. The exploit has been...

5.8CVSS0.00294EPSS
Exploits1References4
CVE
CVE
added 2025/12/05 3:32 p.m.11 views

CVE-2025-14090

The CVE-2025-14090 entry concerns AMTT Hotel Broadband Operation System 1.0. A SQL injection is triggered by manipulating the ID parameter in the file /manager/card/cardmake_down.php, with remote applicability. The root cause is improper handling of the ID input leading to injection, enabling una...

7.2CVSS6.5AI score0.00294EPSS
Exploits1References4Affected Software1
CNNVD
CNNVD
added 2025/12/05 12:0 a.m.5 views

AMTT Hotel Broadband Operation System SQL注入漏洞

AMTT Hotel Broadband Operation System is a hotel broadband operation system from China's AMTT company. A SQL injection vulnerability exists in AMTT Hotel Broadband Operation System version 1.0, which originates from the incorrect operation of the parameter ID in the file...

7.2CVSS5.6AI score0.00294EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/11/14 7:2 p.m.15 views

CVE-2025-13123

A flaw has been found in AMTT Hotel Broadband Operation System 1.0. The impacted element is an unknown function of the file /user/portal/getfirstdate.php. Executing manipulation of the argument uid can lead to sql injection. It is possible to launch the attack remotely. The exploit has been...

9.8CVSS6.8AI score0.00331EPSS
Exploits1References1
EUVD
EUVD
added 2025/11/13 9:31 p.m.5 views

EUVD-2025-175364

A flaw has been found in AMTT Hotel Broadband Operation System 1.0. The impacted element is an unknown function of the file /user/portal/getfirstdate.php. Executing manipulation of the argument uid can lead to sql injection. It is possible to launch the attack remotely. The exploit has been...

6.5CVSS6.2AI score0.00331EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/10/28 9:51 a.m.11 views

CVE-2025-12253

A vulnerability was determined in AMTT Hotel Broadband Operation System 1.0. Affected by this vulnerability is an unknown functionality of the file /user/portal/getexpiredtime.php. This manipulation of the argument uid causes sql injection. The attack may be initiated remotely. The exploit has be...

9.8CVSS7.4AI score0.00394EPSS
Exploits1References1
OSV
OSV
added 2025/10/27 9:15 a.m.5 views

CVE-2025-12253

A vulnerability was determined in AMTT Hotel Broadband Operation System 1.0. Affected by this vulnerability is an unknown functionality of the file /user/portal/getexpiredtime.php. This manipulation of the argument uid causes sql injection. The attack may be initiated remotely. The exploit has be...

9.8CVSS5.7AI score0.00394EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/10/27 9:2 a.m.3 views

CVE-2025-12253 AMTT Hotel Broadband Operation System get_expiredtime.php sql injection

A vulnerability was determined in AMTT Hotel Broadband Operation System 1.0. Affected by this vulnerability is an unknown functionality of the file /user/portal/getexpiredtime.php. This manipulation of the argument uid causes sql injection. The attack may be initiated remotely. The exploit has be...

7.5CVSS7.3AI score0.00394EPSS
Exploits1References4
Rows per page
Query Builder