16 matches found
CVE-2026-7697 AMTT Hotel Broadband Operation System cardhand_submit.php sql injection
A vulnerability was determined in AMTT Hotel Broadband Operation System 1.0. Affected is an unknown function of the file /manager/card/cardhandsubmit.php. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly...
PT-2026-36700
A vulnerability was determined in AMTT Hotel Broadband Operation System 1.0. Affected is an unknown function of the file /manager/card/cardhand submit.php. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly...
CVE-2024-41476
AMTT Hotel Broadband Operation System HiBOS V3.0.3.151204 and before is vulnerable to SQL Injection via /manager/card/carddetail.php...
CVE-2025-12253 AMTT Hotel Broadband Operation System get_expiredtime.php sql injection
A vulnerability was determined in AMTT Hotel Broadband Operation System 1.0. Affected by this vulnerability is an unknown functionality of the file /user/portal/getexpiredtime.php. This manipulation of the argument uid causes sql injection. The attack may be initiated remotely. The exploit has be...
CVE-2025-3983 AMTT Hotel Broadband Operation System nlog_down.php command injection
A vulnerability has been found in AMTT Hotel Broadband Operation System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /manager/system/nlogdown.php. The manipulation of the argument ProtocolType leads to command injection. The attack can be...
CVE-2025-3983
AMTT Hotel Broadband Operation System v1.0 is affected by a command injection in an unknown functionality of /manager/system/nlog_down.php when the ProtocolType parameter is manipulated. Exploitation is remote, and multiple sources describe that the vulnerability can lead to full impact on confid...
CVE-2025-3983 AMTT Hotel Broadband Operation System nlog_down.php command injection
A vulnerability has been found in AMTT Hotel Broadband Operation System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /manager/system/nlogdown.php. The manipulation of the argument ProtocolType leads to command injection. The attack can be...
CVE-2025-2701 AMTT Hotel Broadband Operation System port_setup.php popen os command injection
A vulnerability classified as critical was found in AMTT Hotel Broadband Operation System 1.0. This vulnerability affects the function popen of the file /manager/network/portsetup.php. The manipulation of the argument SwitchVersion/SwitchWrite/SwitchIP/SwitchIndex/SwitchState leads to os command...
CVE-2024-11051 AMTT Hotel Broadband Operation System online_status.php sql injection
A vulnerability was found in AMTT Hotel Broadband Operation System up to 3.0.3.151204. It has been classified as critical. Affected is an unknown function of the file /manager/frontdesk/onlinestatus.php. The manipulation of the argument AccountID leads to sql injection. It is possible to launch t...
CVE-2024-11050
A vulnerability was found in AMTT Hotel Broadband Operation System up to 3.0.3.151204 and classified as problematic. This issue affects some unknown processing of the file /language.php. The manipulation of the argument LangID/LangName/LangEName leads to cross site scripting. The attack may be...
CVE-2024-11050
CVE-2024-11050 affects AMTT Hotel Broadband Operation System up to version 3.0.3.151204. The vulnerability resides in /language.php, where manipulating LangID/LangName/LangEName triggers cross-site scripting. Attack may be carried out remotely and exploits have been disclosed publicly; vendor did...
CVE-2024-39072
AMTT Hotel Broadband Operation System HiBOS v3.0.3.151204 is vulnerable to SQL injection via manager/conference/calendarremind.php...
CVE-2024-39072
AMTT Hotel Broadband Operation System HiBOS v3.0.3.151204 is vulnerable to SQL injection via manager/conference/calendarremind.php...
PT-2024-28345 · Amtt · Amtt Hotel Broadband Operation System
Name of the Vulnerable Software and Affected Versions: AMTT Hotel Broadband Operation System HiBOS version 3.0.3.151204 Description: The issue concerns SQL injection via the "manager/conference/calendar remind.php" API endpoint. This allows for potential unauthorized access to sensitive data...
CVE-2024-39072
Affected software : AMTT Hotel Broadband Operation System (HiBOS) v3.0.3.151204. Vulnerability : SQL injection via the API endpoint manager/conference/calendar_remind.php. Root cause / details : Documented as a SQL injection vulnerability reachable through the mentioned endpoint. No exploitation ...
Command Execution Vulnerability in Amami Hotel's Broadband Operations System
Ammed Century Beijing Technology Co., Ltd opened is a company whose business scope includes technology promotion services; software development; computer system services; sales of electronic products and so on. A command execution vulnerability exists in the broadband operation system of Amata...