Lucene search
+L

26 matches found

cve
cve
added 2026/06/29 9:15 a.m.18 views

CVE-2026-13554

CVE-2026-13554 affects itsourcecode Online Hotel Management System 1.0. Affected component: POST Request Handler at /admin/mod_amenities/controller.php?action=add. The vulnerability arises from manipulation of the Name argument, resulting in a cross-site scripting (XSS) condition. The description...

5.3CVSS4.2AI score0.00443EPSS
Exploits0References6
attackerkb
attackerkb
added 2026/06/29 9:0 a.m.7 views

CVE-2026-13553

A flaw has been found in itsourcecode Online Hotel Management System 1.0. Affected is an unknown function of the file /admin/modamenities/controller.php?action=add. Executing a manipulation of the argument image can lead to unrestricted upload. It is possible to launch the attack remotely. The...

7.5CVSS6.8AI score0.00474EPSS
Exploits0References6Affected Software1
cve
cve
added 2026/06/29 9:0 a.m.16 views

CVE-2026-13553

The CVE-2026-13553 vulnerability affects itsourcecode Online Hotel Management System 1.0, specifically an unknown function in /admin/mod_amenities/controller.php?action=add. A manipulation of the image parameter enables unrestricted file upload, which can be triggered remotely. The exploit has be...

7.5CVSS6.8AI score0.00474EPSS
Exploits0References6
euvd
euvd
added 2026/06/29 9:0 a.m.7 views

EUVD-2026-40064

A flaw has been found in itsourcecode Online Hotel Management System 1.0. Affected is an unknown function of the file /admin/modamenities/controller.php?action=add. Executing a manipulation of the argument image can lead to unrestricted upload. It is possible to launch the attack remotely. The...

7.5CVSS6.8AI score0.00474EPSS
Exploits0References6
attackerkb
attackerkb
added 2026/06/29 8:45 a.m.7 views

CVE-2026-13552

A vulnerability was detected in itsourcecode Online Hotel Management System 1.0. This impacts an unknown function of the file /admin/modamenities/controller.php?action=edit. Performing a manipulation of the argument amenid results in sql injection. It is possible to initiate the attack remotely...

7.5CVSS7AI score0.00412EPSS
Exploits0References6Affected Software1
cve
cve
added 2026/06/29 8:45 a.m.17 views

CVE-2026-13552

The CVE-2026-13552 entry concerns itsourcecode Online Hotel Management System 1.0. A SQL injection vulnerability exists in the file /admin/mod_amenities/controller.php?action=edit triggered by manipulating the amen_id argument. This vulnerability can be exploited remotely, and public exploitation...

7.5CVSS7AI score0.00412EPSS
Exploits0References6
redhatcve
redhatcve
added 2026/03/27 5:9 p.m.4 views

CVE-2026-4875

A vulnerability was determined in itsourcecode Free Hotel Reservation System 1.0. The affected element is an unknown function of the file /admin/modamenities/index.php?view=add. This manipulation of the argument image causes unrestricted upload. The attack is possible to be carried out remotely...

5.8CVSS5.6AI score0.00223EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/03/27 5:9 p.m.6 views

CVE-2026-4876

A vulnerability was identified in itsourcecode Free Hotel Reservation System 1.0. The impacted element is an unknown function of the file /admin/modamenities/index.php?view=editpic. Such manipulation of the argument ID leads to sql injection. The attack may be performed from remote. The exploit i...

6.5CVSS6.5AI score0.00196EPSS
Exploits0References1
euvd
euvd
added 2026/03/26 3:30 p.m.4 views

EUVD-2026-16169

A vulnerability was determined in itsourcecode Free Hotel Reservation System 1.0. The affected element is an unknown function of the file /admin/modamenities/index.php?view=add. This manipulation of the argument image causes unrestricted upload. The attack is possible to be carried out remotely...

5.8CVSS5.5AI score0.00223EPSS
Exploits0References6
nvd
nvd
added 2026/03/26 2:16 p.m.6 views

CVE-2026-4876

A vulnerability was identified in itsourcecode Free Hotel Reservation System 1.0. The impacted element is an unknown function of the file /admin/modamenities/index.php?view=editpic. Such manipulation of the argument ID leads to sql injection. The attack may be performed from remote. The exploit i...

6.5CVSS0.00196EPSS
Exploits0References5
vulnrichment
vulnrichment
added 2026/03/26 1:5 p.m.3 views

CVE-2026-4876 itsourcecode Free Hotel Reservation System index.php sql injection

A vulnerability was identified in itsourcecode Free Hotel Reservation System 1.0. The impacted element is an unknown function of the file /admin/modamenities/index.php?view=editpic. Such manipulation of the argument ID leads to sql injection. The attack may be performed from remote. The exploit i...

6.5CVSS6.6AI score0.00196EPSS
Exploits0References5
cvelist
cvelist
added 2026/03/26 1:5 p.m.37 views

CVE-2026-4876 itsourcecode Free Hotel Reservation System index.php sql injection

A vulnerability was identified in itsourcecode Free Hotel Reservation System 1.0. The impacted element is an unknown function of the file /admin/modamenities/index.php?view=editpic. Such manipulation of the argument ID leads to sql injection. The attack may be performed from remote. The exploit i...

6.5CVSS0.00196EPSS
Exploits0References5
attackerkb
attackerkb
added 2026/03/26 12:23 p.m.2 views

CVE-2026-4875

A vulnerability was determined in itsourcecode Free Hotel Reservation System 1.0. The affected element is an unknown function of the file /admin/modamenities/index.php?view=add. This manipulation of the argument image causes unrestricted upload. The attack is possible to be carried out remotely...

5.8CVSS5.6AI score0.00223EPSS
Exploits0References5Affected Software1
vulnrichment
vulnrichment
added 2026/03/26 12:23 p.m.3 views

CVE-2026-4875 itsourcecode Free Hotel Reservation System index.php unrestricted upload

A vulnerability was determined in itsourcecode Free Hotel Reservation System 1.0. The affected element is an unknown function of the file /admin/modamenities/index.php?view=add. This manipulation of the argument image causes unrestricted upload. The attack is possible to be carried out remotely...

5.8CVSS5.6AI score0.00223EPSS
Exploits0References5
cve
cve
added 2026/03/26 12:23 p.m.14 views

CVE-2026-4875

CVE-2026-4875 concerns itsourcecode Free Hotel Reservation System 1.0. The vulnerability resides in an unknown function inside the admin/module_amenities/index.php?view=add endpoint, where manipulating the argument image enables an unrestricted upload. The exploit can be carried out remotely, and...

5.8CVSS5.5AI score0.00223EPSS
Exploits0References5
cnnvd
cnnvd
added 2026/03/26 12:0 a.m.7 views

itsourcecode Free Hotel Reservation System SQL注入漏洞

itsourcecode Free Hotel Reservation System is an open-source hotel reservation system developed by itsourcecode. Version 1.0 of the system has a SQL injection vulnerability. This vulnerability arises from incorrect handling of the parameter ID in the file admin/modamenities/index.php?view=editpic...

6.5CVSS6.6AI score0.00196EPSS
Exploits0References5
euvd
euvd
added 2026/03/08 12:30 p.m.5 views

EUVD-2026-10233

A security flaw has been discovered in itsourcecode Free Hotel Reservation System 1.0. The affected element is an unknown function of the file /hotel/admin/modamenities/index.php?view=edit. Performing a manipulation of the argument amenid/rmtypeid results in sql injection. The attack is possible ...

7.5CVSS6.9AI score0.00357EPSS
Exploits1References8
osv
osv
added 2026/03/08 11:15 a.m.4 views

CVE-2026-3730

A security flaw has been discovered in itsourcecode Free Hotel Reservation System 1.0. The affected element is an unknown function of the file /hotel/admin/modamenities/index.php?view=edit. Performing a manipulation of the argument amenid/rmtypeid results in sql injection. The attack is possible ...

9.8CVSS5.7AI score0.00357EPSS
Exploits1References7
cve
cve
added 2026/03/08 10:32 a.m.18 views

CVE-2026-3730

CVE-2026-3730 affects itsourcecode Free Hotel Reservation System 1.0. The flaw is a SQL injection in the file /hotel/admin/mod_amenities/index.php?view=edit, triggered by manipulating the arguments amen_id and rmtype_id. Exploitation is described as remote with a publicly released exploit. Severa...

9.8CVSS6.9AI score0.00357EPSS
Exploits1References7Affected Software1
cvelist
cvelist
added 2026/03/08 10:32 a.m.35 views

CVE-2026-3730 itsourcecode Free Hotel Reservation System index.php sql injection

A security flaw has been discovered in itsourcecode Free Hotel Reservation System 1.0. The affected element is an unknown function of the file /hotel/admin/modamenities/index.php?view=edit. Performing a manipulation of the argument amenid/rmtypeid results in sql injection. The attack is possible ...

7.5CVSS0.00357EPSS
Exploits1References7
Rows per page
Query Builder