26 matches found
CVE-2026-13554
CVE-2026-13554 affects itsourcecode Online Hotel Management System 1.0. Affected component: POST Request Handler at /admin/mod_amenities/controller.php?action=add. The vulnerability arises from manipulation of the Name argument, resulting in a cross-site scripting (XSS) condition. The description...
CVE-2026-13553
A flaw has been found in itsourcecode Online Hotel Management System 1.0. Affected is an unknown function of the file /admin/modamenities/controller.php?action=add. Executing a manipulation of the argument image can lead to unrestricted upload. It is possible to launch the attack remotely. The...
CVE-2026-13553
The CVE-2026-13553 vulnerability affects itsourcecode Online Hotel Management System 1.0, specifically an unknown function in /admin/mod_amenities/controller.php?action=add. A manipulation of the image parameter enables unrestricted file upload, which can be triggered remotely. The exploit has be...
EUVD-2026-40064
A flaw has been found in itsourcecode Online Hotel Management System 1.0. Affected is an unknown function of the file /admin/modamenities/controller.php?action=add. Executing a manipulation of the argument image can lead to unrestricted upload. It is possible to launch the attack remotely. The...
CVE-2026-13552
A vulnerability was detected in itsourcecode Online Hotel Management System 1.0. This impacts an unknown function of the file /admin/modamenities/controller.php?action=edit. Performing a manipulation of the argument amenid results in sql injection. It is possible to initiate the attack remotely...
CVE-2026-13552
The CVE-2026-13552 entry concerns itsourcecode Online Hotel Management System 1.0. A SQL injection vulnerability exists in the file /admin/mod_amenities/controller.php?action=edit triggered by manipulating the amen_id argument. This vulnerability can be exploited remotely, and public exploitation...
CVE-2026-4875
A vulnerability was determined in itsourcecode Free Hotel Reservation System 1.0. The affected element is an unknown function of the file /admin/modamenities/index.php?view=add. This manipulation of the argument image causes unrestricted upload. The attack is possible to be carried out remotely...
CVE-2026-4876
A vulnerability was identified in itsourcecode Free Hotel Reservation System 1.0. The impacted element is an unknown function of the file /admin/modamenities/index.php?view=editpic. Such manipulation of the argument ID leads to sql injection. The attack may be performed from remote. The exploit i...
EUVD-2026-16169
A vulnerability was determined in itsourcecode Free Hotel Reservation System 1.0. The affected element is an unknown function of the file /admin/modamenities/index.php?view=add. This manipulation of the argument image causes unrestricted upload. The attack is possible to be carried out remotely...
CVE-2026-4876
A vulnerability was identified in itsourcecode Free Hotel Reservation System 1.0. The impacted element is an unknown function of the file /admin/modamenities/index.php?view=editpic. Such manipulation of the argument ID leads to sql injection. The attack may be performed from remote. The exploit i...
CVE-2026-4876 itsourcecode Free Hotel Reservation System index.php sql injection
A vulnerability was identified in itsourcecode Free Hotel Reservation System 1.0. The impacted element is an unknown function of the file /admin/modamenities/index.php?view=editpic. Such manipulation of the argument ID leads to sql injection. The attack may be performed from remote. The exploit i...
CVE-2026-4876 itsourcecode Free Hotel Reservation System index.php sql injection
A vulnerability was identified in itsourcecode Free Hotel Reservation System 1.0. The impacted element is an unknown function of the file /admin/modamenities/index.php?view=editpic. Such manipulation of the argument ID leads to sql injection. The attack may be performed from remote. The exploit i...
CVE-2026-4875
A vulnerability was determined in itsourcecode Free Hotel Reservation System 1.0. The affected element is an unknown function of the file /admin/modamenities/index.php?view=add. This manipulation of the argument image causes unrestricted upload. The attack is possible to be carried out remotely...
CVE-2026-4875 itsourcecode Free Hotel Reservation System index.php unrestricted upload
A vulnerability was determined in itsourcecode Free Hotel Reservation System 1.0. The affected element is an unknown function of the file /admin/modamenities/index.php?view=add. This manipulation of the argument image causes unrestricted upload. The attack is possible to be carried out remotely...
CVE-2026-4875
CVE-2026-4875 concerns itsourcecode Free Hotel Reservation System 1.0. The vulnerability resides in an unknown function inside the admin/module_amenities/index.php?view=add endpoint, where manipulating the argument image enables an unrestricted upload. The exploit can be carried out remotely, and...
itsourcecode Free Hotel Reservation System SQL注入漏洞
itsourcecode Free Hotel Reservation System is an open-source hotel reservation system developed by itsourcecode. Version 1.0 of the system has a SQL injection vulnerability. This vulnerability arises from incorrect handling of the parameter ID in the file admin/modamenities/index.php?view=editpic...
EUVD-2026-10233
A security flaw has been discovered in itsourcecode Free Hotel Reservation System 1.0. The affected element is an unknown function of the file /hotel/admin/modamenities/index.php?view=edit. Performing a manipulation of the argument amenid/rmtypeid results in sql injection. The attack is possible ...
CVE-2026-3730
A security flaw has been discovered in itsourcecode Free Hotel Reservation System 1.0. The affected element is an unknown function of the file /hotel/admin/modamenities/index.php?view=edit. Performing a manipulation of the argument amenid/rmtypeid results in sql injection. The attack is possible ...
CVE-2026-3730
CVE-2026-3730 affects itsourcecode Free Hotel Reservation System 1.0. The flaw is a SQL injection in the file /hotel/admin/mod_amenities/index.php?view=edit, triggered by manipulating the arguments amen_id and rmtype_id. Exploitation is described as remote with a publicly released exploit. Severa...
CVE-2026-3730 itsourcecode Free Hotel Reservation System index.php sql injection
A security flaw has been discovered in itsourcecode Free Hotel Reservation System 1.0. The affected element is an unknown function of the file /hotel/admin/modamenities/index.php?view=edit. Performing a manipulation of the argument amenid/rmtypeid results in sql injection. The attack is possible ...