CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

353 matches found

EUVD-2026-33819

A weakness has been identified in code-projects Hotel and Tourism Reservation System 1.0. The affected element is an unknown function of the file tour.php of the component GET Parameter Handler. Executing a manipulation of the argument tour can lead to sql injection. The attack can be launched...

7.5CVSS5.7AI score0.00033EPSS

Exploits0References7

NVD•added 2 days ago•9 views

CVE-2026-10289

A security flaw has been discovered in code-projects Hotel and Tourism Reservation System 1.0. Impacted is an unknown function of the file /ht/tour.php. Performing a manipulation of the argument name /email /people /number results in cross site scripting. The attack can be initiated remotely. The...

5.3CVSS0.00036EPSS

Exploits0References6

NVD•added 2 days ago•6 views

CVE-2026-10288

A vulnerability was identified in code-projects Hotel and Tourism Reservation System 1.0. This issue affects the function passwordverify of the file /admin/login.php of the component Admin Login. Such manipulation of the argument Password leads to improper authentication. It is possible to launch...

7.5CVSS0.00098EPSS

Exploits0References6

ATTACKERKB•added 2 days ago•5 views

CVE-2026-10290

7.5CVSS5.7AI score0.00033EPSS

Exploits0References6Affected Software1

CVE•added 2 days ago•7 views

CVE-2026-10289

The CVE concerns code-projects Hotel and Tourism Reservation System 1.0. Affected is an unknown function in the file /ht/tour.php where manipulating the arguments /email, /people, or /number leads to cross-site scripting. The attack is remote, and the exploit has been released publicly. No remedi...

5.3CVSS4.3AI score0.00036EPSS

Exploits0References6

Cvelist•added 2 days ago•22 views

CVE-2026-10289 code-projects Hotel and Tourism Reservation System tour.php cross site scripting

5.3CVSS0.00036EPSS

Exploits0References6

ATTACKERKB•added 2 days ago•4 views

CVE-2026-10288

7.5CVSS5.6AI score0.00098EPSS

Exploits0References6Affected Software1

CVE•added 2 days ago•12 views

CVE-2026-10288

The vulnerability affects code-projects Hotel and Tourism Reservation System 1.0 (Admin Login component). The issue lies in the function password_verify in /admin/login.php, where manipulation of the Password argument leads to improper authentication. It is exploitable remotely, and a publicly av...

7.5CVSS5.6AI score0.00098EPSS

Exploits0References6

Vulnrichment•added 2 days ago•3 views

CVE-2026-10288 code-projects Hotel and Tourism Reservation System Admin Login login.php password_verify improper authentication

7.5CVSS6.9AI score0.00098EPSS

Exploits0References6

CNNVD•added 2 days ago•4 views

Code-Projects Hotel and Tourism Reservation System Code Injection Vulnerability

Code-Projects Hotel and Tourism Reservation System is an open-source hotel and tourism reservation system developed by Code-Projects. Version 1.0 of the Code-Projects Hotel and Tourism Reservation System has a code injection vulnerability. This vulnerability arises from unauthorized operations on...

5.3CVSS5.7AI score0.00036EPSS

Exploits0References6

Positive Technologies•added 2 days ago•10 views

PT-2026-45554

5.3CVSS4.3AI score0.00036EPSS

Exploits0References6

Positive Technologies•added 2 days ago•6 views

PT-2026-45553

A vulnerability was identified in code-projects Hotel and Tourism Reservation System 1.0. This issue affects the function password verify of the file /admin/login.php of the component Admin Login. Such manipulation of the argument Password leads to improper authentication. It is possible to launc...

7.5CVSS5.6AI score0.00098EPSS

Exploits0References6

Positive Technologies•added 2 days ago•7 views

PT-2026-45605

7.5CVSS5.7AI score0.00033EPSS

Exploits0References7

RedhatCVE•added 2026/04/06 10:57 a.m.•1 views

CVE-2026-5551

A security flaw has been discovered in itsourcecode Free Hotel Reservation System 1.0. This vulnerability affects unknown code of the file /hotel/admin/login.php of the component Parameter Handler. The manipulation of the argument email results in sql injection. The attack may be launched remotel...

7.5CVSS6.9AI score0.00043EPSS

Exploits0References1

NVD•added 2026/04/05 9:16 a.m.•0 views

CVE-2026-5551

7.5CVSS0.00043EPSS

Exploits0References5

ATTACKERKB•added 2026/04/05 8:15 a.m.•1 views

CVE-2026-5551

7.5CVSS5.8AI score0.00043EPSS

Exploits0References5Affected Software1

CNNVD•added 2026/04/05 12:0 a.m.•3 views

itsourcecode Free Hotel Reservation System SQL注入漏洞

itsourcecode Free Hotel Reservation System is an open-source hotel reservation system developed by itsourcecode. Version 1.0 of the system has a SQL injection vulnerability. This vulnerability arises from incorrect handling of the email parameter in the file /hotel/admin/login.php, which may lead...

7.5CVSS7.2AI score0.00043EPSS

Exploits0References5

RedhatCVE•added 2026/03/28 11:10 p.m.•0 views

CVE-2026-4966

A flaw has been found in itsourcecode Free Hotel Reservation System 1.0. Impacted is an unknown function of the file /admin/modroom/index.php?view=edit. Executing a manipulation of the argument ID can lead to sql injection. The attack can be launched remotely. The exploit has been published and m...

6.5CVSS6.5AI score0.00012EPSS

Exploits0References1

EUVD•added 2026/03/27 6:31 p.m.•0 views

EUVD-2026-16738

6.5CVSS5.8AI score0.00012EPSS

Exploits0References6

CVE•added 2026/03/27 5:41 p.m.•5 views

CVE-2026-4966

CVE-2026-4966 affects itsourcecode Free Hotel Reservation System 1.0. The vulnerability is in the file /admin/mod_room/index.php?view=edit where manipulating the ID parameter enables SQL injection. It can be exploited remotely, and public exploits have been published. Various sources confirm the ...

6.5CVSS6.5AI score0.00012EPSS

Exploits0References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by