Lucene search
K

399 matches found

EUVD
EUVD
added 3 days ago9 views

EUVD-2026-41710

A vulnerability was identified in itsourcecode Online Hotel Management System 1.0. The affected element is an unknown function of the file /admin/login.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit is publicly available and...

7.5CVSS6.9AI score0.00281EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 3 days ago7 views

CVE-2026-14688

A vulnerability was identified in itsourcecode Online Hotel Management System 1.0. The affected element is an unknown function of the file /admin/login.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit is publicly available and...

7.5CVSS6.9AI score0.00281EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2026/06/29 10:16 a.m.8 views

CVE-2026-13553

A flaw has been found in itsourcecode Online Hotel Management System 1.0. Affected is an unknown function of the file /admin/modamenities/controller.php?action=add. Executing a manipulation of the argument image can lead to unrestricted upload. It is possible to launch the attack remotely. The...

7.5CVSS0.00474EPSS
Exploits0References6
NVD
NVD
added 2026/06/29 10:16 a.m.7 views

CVE-2026-13555

A vulnerability was found in itsourcecode Online Hotel Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/modusers/controller.php?action=add. The manipulation of the argument Name results in sql injection. The attack can be launched remotely. The exploi...

7.5CVSS0.00412EPSS
Exploits0References6
CVE
CVE
added 2026/06/29 10:0 a.m.17 views

CVE-2026-13557

The CVE-2026-13557 affects itsourcecode Online Hotel Management System 1.0. An attacker can manipulate the Name argument in the POST handler at /admin/mod_room/controller.php?action=add, triggering cross-site scripting. The vulnerability is exploitable remotely, and public exploit code appears to...

5.3CVSS4.2AI score0.00443EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/29 9:45 a.m.34 views

CVE-2026-13556 itsourcecode Online Hotel Management System POST Request controller.php edit cross site scripting

A vulnerability was determined in itsourcecode Online Hotel Management System 1.0. This affects an unknown part of the file /admin/modusers/controller.php?action=edit of the component POST Request Handler. This manipulation of the argument Name causes cross site scripting. The attack may be...

5.3CVSS0.00443EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/29 9:30 a.m.32 views

CVE-2026-13555 itsourcecode Online Hotel Management System controller.php add sql injection

A vulnerability was found in itsourcecode Online Hotel Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/modusers/controller.php?action=add. The manipulation of the argument Name results in sql injection. The attack can be launched remotely. The exploi...

7.5CVSS0.00412EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/29 9:15 a.m.5 views

EUVD-2026-40065

A vulnerability has been found in itsourcecode Online Hotel Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/modamenities/controller.php?action=add of the component POST Request Handler. The manipulation of the argument Name leads to cross site...

5.3CVSS4.2AI score0.00443EPSS
Exploits0References6
CVE
CVE
added 2026/06/29 9:15 a.m.15 views

CVE-2026-13554

CVE-2026-13554 affects itsourcecode Online Hotel Management System 1.0. Affected component: POST Request Handler at /admin/mod_amenities/controller.php?action=add. The vulnerability arises from manipulation of the Name argument, resulting in a cross-site scripting (XSS) condition. The description...

5.3CVSS4.2AI score0.00443EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/29 9:0 a.m.34 views

CVE-2026-13553 itsourcecode Online Hotel Management System controller.php add unrestricted upload

A flaw has been found in itsourcecode Online Hotel Management System 1.0. Affected is an unknown function of the file /admin/modamenities/controller.php?action=add. Executing a manipulation of the argument image can lead to unrestricted upload. It is possible to launch the attack remotely. The...

7.5CVSS0.00474EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/29 9:0 a.m.5 views

EUVD-2026-40064

A flaw has been found in itsourcecode Online Hotel Management System 1.0. Affected is an unknown function of the file /admin/modamenities/controller.php?action=add. Executing a manipulation of the argument image can lead to unrestricted upload. It is possible to launch the attack remotely. The...

7.5CVSS6.8AI score0.00474EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/06/29 9:0 a.m.7 views

CVE-2026-13553

A flaw has been found in itsourcecode Online Hotel Management System 1.0. Affected is an unknown function of the file /admin/modamenities/controller.php?action=add. Executing a manipulation of the argument image can lead to unrestricted upload. It is possible to launch the attack remotely. The...

7.5CVSS6.8AI score0.00474EPSS
Exploits0References6Affected Software1
EUVD
EUVD
added 2026/06/29 8:45 a.m.5 views

EUVD-2026-40063

A vulnerability was detected in itsourcecode Online Hotel Management System 1.0. This impacts an unknown function of the file /admin/modamenities/controller.php?action=edit. Performing a manipulation of the argument amenid results in sql injection. It is possible to initiate the attack remotely...

7.5CVSS7AI score0.00412EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/29 8:45 a.m.31 views

CVE-2026-13552 itsourcecode Online Hotel Management System controller.php edit sql injection

A vulnerability was detected in itsourcecode Online Hotel Management System 1.0. This impacts an unknown function of the file /admin/modamenities/controller.php?action=edit. Performing a manipulation of the argument amenid results in sql injection. It is possible to initiate the attack remotely...

7.5CVSS0.00412EPSS
Exploits0References6
CVE
CVE
added 2026/06/29 8:45 a.m.15 views

CVE-2026-13552

The CVE-2026-13552 entry concerns itsourcecode Online Hotel Management System 1.0. A SQL injection vulnerability exists in the file /admin/mod_amenities/controller.php?action=edit triggered by manipulating the amen_id argument. This vulnerability can be exploited remotely, and public exploitation...

7.5CVSS7AI score0.00412EPSS
Exploits0References6
NVD
NVD
added 2026/06/18 2:17 p.m.11 views

CVE-2026-54419

claudiopizzillo PIAF-HMS PBX-In-A-Flash Hotel Management System; no released versions, latest commit 389d2633441b65ced1c104212cd62be2bfca21e5 contains multiple unauthenticated SQL injection vulnerabilities. The application has no authentication mechanism and passes user-supplied HTTP parameters...

9.8CVSS0.00587EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/18 10:21 a.m.15 views

EUVD-2026-37872

claudiopizzillo PIAF-HMS PBX-In-A-Flash Hotel Management System; no released versions, latest commit 389d2633441b65ced1c104212cd62be2bfca21e5 contains multiple unauthenticated SQL injection vulnerabilities. The application has no authentication mechanism and passes user-supplied HTTP parameters...

9.8CVSS5.8AI score0.00587EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/05 7:39 p.m.10 views

CVE-2026-7506

A vulnerability has been found in SourceCodester Hotel Management System 1.0. This impacts an unknown function of the file /index.php/reservation/check. Such manipulation of the argument roomtype leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the...

7.5CVSS7AI score0.0026EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:32 p.m.10 views

CVE-2026-6142

A vulnerability was identified in tushar-2223 Hotel Management System up to bb1f3b3666124b888f1e4bcf51b6fba9fbb01d15. Affected by this vulnerability is an unknown functionality of the file /admin/roomdelete.php. The manipulation of the argument ID leads to sql injection. Remote exploitation of th...

7.5CVSS7AI score0.00259EPSS
Exploits0References1
NVD
NVD
added 2026/04/30 11:16 p.m.5 views

CVE-2026-7506

A vulnerability has been found in SourceCodester Hotel Management System 1.0. This impacts an unknown function of the file /index.php/reservation/check. Such manipulation of the argument roomtype leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the...

7.5CVSS0.0026EPSS
Exploits0References5
Rows per page
Query Builder