Lucene search
K

16 matches found

Nuclei
Nuclei
added 12 hours ago45 views

Sourcecodester Online Event Booking and Reservation System 2.3.0 - Cross-Site Scripting

Sourcecodester Online Event Booking and Reservation System 2.3.0 contains a cross-site scripting vulnerability in PHP/MySQL via the msg parameter to /event-management/index.php. An attacker can leverage this vulnerability in order to change the visibility of the website. Once the target user clic...

4.3CVSS6.1AI score0.03792EPSS
Exploits3References5
Nuclei
Nuclei
added 12 hours ago89 views

Online Event Booking and Reservation System 2.3.0 - SQL Injection

Online Event Booking and Reservation System 2.3.0 contains a SQL injection vulnerability in event-management/views. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site. id:...

9.8CVSS7.1AI score0.15806EPSS
Exploits3References5
RedhatCVE
RedhatCVE
added 2025/05/22 9:6 p.m.28 views

CVE-2021-42662

A Stored Cross Site Scripting XSS vulnerability exists in Sourcecodester Online Event Booking and Reservation System in PHP/MySQL via the Holiday reason parameter. An attacker can leverage this vulnerability in order to run javascript commands on the web server surfers behalf, which can lead to...

5.4CVSS5.7AI score0.01647EPSS
Exploits5
BDU FSTEC
BDU FSTEC
added 2021/12/17 12:0 a.m.6 views

The vulnerability of the “Holiday reason” parameter in the online event booking system SourceCodester, which allows a perpetrator to execute JavaScript commands on behalf of a user on the web server

The vulnerability of the “Holiday reason” parameter in the online event booking system SourceCodester exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to execute JavaScript commands on behalf of a user on the web...

6.4CVSS6.1AI score0.01647EPSS
Exploits5References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/12/17 12:0 a.m.6 views

The vulnerability of the online event booking and reservation system, which exists due to the failure to take measures to eliminate special elements that allow a violator to disclose protected information.

The vulnerability of the online event booking and reservation system exists due to the failure to take measures to neutralize certain special elements. Exploiting this vulnerability can allow a malicious actor, operating remotely, to disclose the protected information...

4.3CVSS5.5AI score0.03792EPSS
Exploits3References4Affected Software1
Check Point Advisories
Check Point Advisories
added 2021/12/15 12:0 a.m.8 views

Sourcecodester Online Event Booking and Reservation System SQL Injection (CVE-2021-42667)

An SQL injection vulnerability exists in Sourcecodester Online Event Booking and Reservation System. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

7.5CVSS5.3AI score0.15806EPSS
Exploits3
NVD
NVD
added 2021/11/05 1:15 p.m.17 views

CVE-2021-42667

A SQL Injection vulnerability exists in Sourcecodester Online Event Booking and Reservation System in PHP in event-management/views. An attacker can leverage this vulnerability in order to manipulate the sql query performed. As a result he can extract sensitive data from the web server and in som...

9.8CVSS0.15806EPSS
Exploits3References3
Cvelist
Cvelist
added 2021/11/05 12:26 p.m.19 views

CVE-2021-42667

A SQL Injection vulnerability exists in Sourcecodester Online Event Booking and Reservation System in PHP in event-management/views. An attacker can leverage this vulnerability in order to manipulate the sql query performed. As a result he can extract sensitive data from the web server and in som...

10AI score0.15806EPSS
Exploits3References3
CVE
CVE
added 2021/11/05 12:17 p.m.74 views

CVE-2021-42663

Sourcecodester Online Event Booking and Reservation System 2.3.0 is affected by a cross-site scripting vulnerability (HTML injection) in the /event-management/index.php page, via the msg parameter. The vulnerable component is index.php; an attacker-supplied payload in msg can cause the victim to ...

4.3CVSS4.7AI score0.03792EPSS
Exploits3References2Affected Software1
Cvelist
Cvelist
added 2021/11/05 10:21 a.m.40 views

CVE-2021-42662

A Stored Cross Site Scripting XSS vulnerability exists in Sourcecodester Online Event Booking and Reservation System in PHP/MySQL via the Holiday reason parameter. An attacker can leverage this vulnerability in order to run javascript commands on the web server surfers behalf, which can lead to...

5.5AI score0.01647EPSS
Exploits5References4
CVE
CVE
added 2021/11/05 10:21 a.m.58 views

CVE-2021-42662

CVE-2021-42662 is a Stored Cross-Site Scripting (XSS) vulnerability affecting the Sourcecodester Online Event Booking and Reservation System (PHP/MySQL). The issue is triggered via the holiday reason parameter (also referenced as reason/holiday field in various advisories) and can allow an attack...

5.4CVSS5.2AI score0.01647EPSS
Exploits5References4Affected Software1
CNNVD
CNNVD
added 2021/11/05 12:0 a.m.4 views

Engineers Online Portal 跨站脚本漏洞

Sourcecodester Online Event Booking and Reservation System is developed using PHP, MySQL database, HTML, CSS, Javascript, Bootstrap and AdminLTE. The system can be accessed by 3 types of users, namely system administrators, students and faculty. sourcecodester Online Event Booking and Reservation...

5.4CVSS5.1AI score0.01647EPSS
Exploits5References5
GithubExploit
GithubExploit
added 2021/11/03 8:31 p.m.424 views

Exploit for SQL Injection in Online_Event_Booking_And_Reservation_System_Project Online_Event_Booking_And_Reservation_System

CVE-2021-42667 CVE-2021-42667 - SQL Injection vulnerability in...

9.8CVSS9.8AI score0.15806EPSS
Exploits3
GithubExploit
GithubExploit
added 2021/11/03 6:49 p.m.90 views

Exploit for Cross-site Scripting in Online_Event_Booking_And_Reservation_System_Project Online_Event_Booking_And_Reservation_System

CVE-2021-42663 CVE-2021-42662 - HTML Injection vulnerability i...

5.4CVSS5.5AI score0.03792EPSS
Exploits6
GithubExploit
GithubExploit
added 2021/11/03 6:49 p.m.377 views

Exploit for Cross-site Scripting in Online_Event_Booking_And_Reservation_System_Project Online_Event_Booking_And_Reservation_System

CVE-2021-42663 CVE-2021-42662 - HTML Injection vulnerability i...

5.4CVSS5.5AI score0.03792EPSS
Exploits6
GithubExploit
GithubExploit
added 2021/11/03 5:51 p.m.587 views

Exploit for Cross-site Scripting in Online_Event_Booking_And_Reservation_System_Project Online_Event_Booking_And_Reservation_System

CVE-2021-42662 CVE-2021-42662 - Stored Cross-Site Scripting vu...

5.4CVSS5.5AI score0.01647EPSS
Exploits5
Rows per page
Query Builder