3 matches found
CVE-2022-36254
Multiple persistent cross-site scripting XSS vulnerabilities in index.php in tramyardg Hotel Management System 1.0 allow remote attackers to inject arbitrary web script or HTML via multiple parameters such as "fullname"...
CVE-2022-36254
creationtimestamp| type| source ---|---|--- 2022-09-12 07:23:17+00:00| seen| https://t.me/cibsecurity/49573...
CVE-2022-36254
The connected PT-2022-23273 entry provides concrete details for CVE-2022-36254: tramyardg Hotel Management System 1.0 (index.php) is vulnerable to persistent XSS via the fullname parameter, enabling remote script/HTML injection. Affected component is index.php; root cause is improper handling of ...