8 matches found
EUVD-2023-55598
Malicious code in bioql PyPI...
Sql injection
Travel Website v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'city' parameter of the hotelSearch.php resource does not validate the characters received and they are sent unfiltered to the database...
PT-2024-13982 · Unknown · Travel Website
Name of the Vulnerable Software and Affected Versions: Travel Website version 1.0 Description: The issue concerns multiple Unauthenticated SQL Injection vulnerabilities. Specifically, the city parameter of the "hotelSearch.php" resource does not validate the characters received, and they are sent...
Travel Website SQL Injection Vulnerability
Travel Website is a PHP-based travel website. A SQL injection vulnerability exists in Travel Website v1.0, which occurs when the city parameter of the hotelSearch.php page is processed without filtering before sending the data to the database for processing...
Hotel Search HRS (New) - Customized SSL, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Hotel Search HRS New published at the 'play' market has multiple vulnerabilities...
holidaycheck.de XSS vulnerability
Vulnerable URL: https://www.holidaycheck.de/hotelsuche.php?submit=1=indextype=u"...
misteraladin.com XSS vulnerability
Vulnerable URL: https://www.misteraladin.com/hotel/search?checkin=2015-12-18=2015-12-19=1=city-144=xs%22%3E%3Cscript%3Ealert%28%27XSSPOSED%27%29%3C/script%3E Details: Description| Value ---|--- Patched:| Yes, at 26.07.2017 Latest check for patch:| 26.07.2017 11:23 GMT Vulnerability type:| XSS...
SQL injection vulnerability in prtp parameter of travel e-commerce platform belonging to Shenzhen Dingyou
The tourism e-commerce platform is also a platform for a business system that uses electronic means to operate the tourism industry and its distribution system, based on a network as the main body, a tourism information base and an electronic business bank. There is a SQL injection vulnerability ...