Lucene search
K

16 matches found

Cvelist
Cvelist
added 2026/05/03 1:15 p.m.39 views

CVE-2026-7697 AMTT Hotel Broadband Operation System cardhand_submit.php sql injection

A vulnerability was determined in AMTT Hotel Broadband Operation System 1.0. Affected is an unknown function of the file /manager/card/cardhandsubmit.php. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly...

5.8CVSS0.00206EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/03 12:0 a.m.9 views

PT-2026-36700

A vulnerability was determined in AMTT Hotel Broadband Operation System 1.0. Affected is an unknown function of the file /manager/card/cardhand submit.php. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly...

5.8CVSS5.6AI score0.00206EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/01/09 9:34 a.m.5 views

CVE-2024-41476

AMTT Hotel Broadband Operation System HiBOS V3.0.3.151204 and before is vulnerable to SQL Injection via /manager/card/carddetail.php...

9.8CVSS9.8AI score0.006EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/10/27 9:2 a.m.3 views

CVE-2025-12253 AMTT Hotel Broadband Operation System get_expiredtime.php sql injection

A vulnerability was determined in AMTT Hotel Broadband Operation System 1.0. Affected by this vulnerability is an unknown functionality of the file /user/portal/getexpiredtime.php. This manipulation of the argument uid causes sql injection. The attack may be initiated remotely. The exploit has be...

7.5CVSS7.3AI score0.00394EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/04/27 7:31 p.m.19 views

CVE-2025-3983 AMTT Hotel Broadband Operation System nlog_down.php command injection

A vulnerability has been found in AMTT Hotel Broadband Operation System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /manager/system/nlogdown.php. The manipulation of the argument ProtocolType leads to command injection. The attack can be...

5.8CVSS0.1657EPSS
Exploits1References4
CVE
CVE
added 2025/04/27 7:31 p.m.64 views

CVE-2025-3983

AMTT Hotel Broadband Operation System v1.0 is affected by a command injection in an unknown functionality of /manager/system/nlog_down.php when the ProtocolType parameter is manipulated. Exploitation is remote, and multiple sources describe that the vulnerability can lead to full impact on confid...

7.2CVSS5.3AI score0.1657EPSS
Exploits1References4Affected Software1
Vulnrichment
Vulnrichment
added 2025/04/27 7:31 p.m.8 views

CVE-2025-3983 AMTT Hotel Broadband Operation System nlog_down.php command injection

A vulnerability has been found in AMTT Hotel Broadband Operation System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /manager/system/nlogdown.php. The manipulation of the argument ProtocolType leads to command injection. The attack can be...

5.8CVSS5.3AI score0.1657EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/03/24 9:0 a.m.12 views

CVE-2025-2701 AMTT Hotel Broadband Operation System port_setup.php popen os command injection

A vulnerability classified as critical was found in AMTT Hotel Broadband Operation System 1.0. This vulnerability affects the function popen of the file /manager/network/portsetup.php. The manipulation of the argument SwitchVersion/SwitchWrite/SwitchIP/SwitchIndex/SwitchState leads to os command...

6.5CVSS0.06634EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2024/11/10 7:31 a.m.10 views

CVE-2024-11051 AMTT Hotel Broadband Operation System online_status.php sql injection

A vulnerability was found in AMTT Hotel Broadband Operation System up to 3.0.3.151204. It has been classified as critical. Affected is an unknown function of the file /manager/frontdesk/onlinestatus.php. The manipulation of the argument AccountID leads to sql injection. It is possible to launch t...

6.5CVSS7.2AI score0.00526EPSS
Exploits1References4
NVD
NVD
added 2024/11/10 7:15 a.m.16 views

CVE-2024-11050

A vulnerability was found in AMTT Hotel Broadband Operation System up to 3.0.3.151204 and classified as problematic. This issue affects some unknown processing of the file /language.php. The manipulation of the argument LangID/LangName/LangEName leads to cross site scripting. The attack may be...

5.4CVSS0.00379EPSS
Exploits1References4
CVE
CVE
added 2024/11/10 7:0 a.m.53 views

CVE-2024-11050

CVE-2024-11050 affects AMTT Hotel Broadband Operation System up to version 3.0.3.151204. The vulnerability resides in /language.php, where manipulating LangID/LangName/LangEName triggers cross-site scripting. Attack may be carried out remotely and exploits have been disclosed publicly; vendor did...

5.4CVSS3.9AI score0.00379EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2024/07/09 9:15 p.m.5 views

CVE-2024-39072

AMTT Hotel Broadband Operation System HiBOS v3.0.3.151204 is vulnerable to SQL injection via manager/conference/calendarremind.php...

5.5CVSS5.8AI score0.00396EPSS
Exploits0References1
NVD
NVD
added 2024/07/09 9:15 p.m.27 views

CVE-2024-39072

AMTT Hotel Broadband Operation System HiBOS v3.0.3.151204 is vulnerable to SQL injection via manager/conference/calendarremind.php...

5.5CVSS0.00396EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/07/09 12:0 a.m.6 views

PT-2024-28345 · Amtt · Amtt Hotel Broadband Operation System

Name of the Vulnerable Software and Affected Versions: AMTT Hotel Broadband Operation System HiBOS version 3.0.3.151204 Description: The issue concerns SQL injection via the "manager/conference/calendar remind.php" API endpoint. This allows for potential unauthorized access to sensitive data...

5.5CVSS7.4AI score0.00396EPSS
Exploits0References4
CVE
CVE
added 2024/07/09 12:0 a.m.57 views

CVE-2024-39072

Affected software : AMTT Hotel Broadband Operation System (HiBOS) v3.0.3.151204. Vulnerability : SQL injection via the API endpoint manager/conference/calendar_remind.php. Root cause / details : Documented as a SQL injection vulnerability reachable through the mentioned endpoint. No exploitation ...

5.5CVSS7.5AI score0.00396EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2021/06/06 12:0 a.m.1 views

Command Execution Vulnerability in Amami Hotel's Broadband Operations System

Ammed Century Beijing Technology Co., Ltd opened is a company whose business scope includes technology promotion services; software development; computer system services; sales of electronic products and so on. A command execution vulnerability exists in the broadband operation system of Amata...

7.6AI score
Exploits0
Rows per page
Query Builder