16 matches found
Sourcecodester Online Event Booking and Reservation System 2.3.0 - Cross-Site Scripting
Sourcecodester Online Event Booking and Reservation System 2.3.0 contains a cross-site scripting vulnerability in PHP/MySQL via the msg parameter to /event-management/index.php. An attacker can leverage this vulnerability in order to change the visibility of the website. Once the target user clic...
Online Event Booking and Reservation System 2.3.0 - SQL Injection
Online Event Booking and Reservation System 2.3.0 contains a SQL injection vulnerability in event-management/views. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site. id:...
CVE-2021-42662
A Stored Cross Site Scripting XSS vulnerability exists in Sourcecodester Online Event Booking and Reservation System in PHP/MySQL via the Holiday reason parameter. An attacker can leverage this vulnerability in order to run javascript commands on the web server surfers behalf, which can lead to...
The vulnerability of the “Holiday reason” parameter in the online event booking system SourceCodester, which allows a perpetrator to execute JavaScript commands on behalf of a user on the web server
The vulnerability of the “Holiday reason” parameter in the online event booking system SourceCodester exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to execute JavaScript commands on behalf of a user on the web...
The vulnerability of the online event booking and reservation system, which exists due to the failure to take measures to eliminate special elements that allow a violator to disclose protected information.
The vulnerability of the online event booking and reservation system exists due to the failure to take measures to neutralize certain special elements. Exploiting this vulnerability can allow a malicious actor, operating remotely, to disclose the protected information...
Sourcecodester Online Event Booking and Reservation System SQL Injection (CVE-2021-42667)
An SQL injection vulnerability exists in Sourcecodester Online Event Booking and Reservation System. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
CVE-2021-42667
A SQL Injection vulnerability exists in Sourcecodester Online Event Booking and Reservation System in PHP in event-management/views. An attacker can leverage this vulnerability in order to manipulate the sql query performed. As a result he can extract sensitive data from the web server and in som...
CVE-2021-42667
A SQL Injection vulnerability exists in Sourcecodester Online Event Booking and Reservation System in PHP in event-management/views. An attacker can leverage this vulnerability in order to manipulate the sql query performed. As a result he can extract sensitive data from the web server and in som...
CVE-2021-42663
Sourcecodester Online Event Booking and Reservation System 2.3.0 is affected by a cross-site scripting vulnerability (HTML injection) in the /event-management/index.php page, via the msg parameter. The vulnerable component is index.php; an attacker-supplied payload in msg can cause the victim to ...
CVE-2021-42662
A Stored Cross Site Scripting XSS vulnerability exists in Sourcecodester Online Event Booking and Reservation System in PHP/MySQL via the Holiday reason parameter. An attacker can leverage this vulnerability in order to run javascript commands on the web server surfers behalf, which can lead to...
CVE-2021-42662
CVE-2021-42662 is a Stored Cross-Site Scripting (XSS) vulnerability affecting the Sourcecodester Online Event Booking and Reservation System (PHP/MySQL). The issue is triggered via the holiday reason parameter (also referenced as reason/holiday field in various advisories) and can allow an attack...
Engineers Online Portal 跨站脚本漏洞
Sourcecodester Online Event Booking and Reservation System is developed using PHP, MySQL database, HTML, CSS, Javascript, Bootstrap and AdminLTE. The system can be accessed by 3 types of users, namely system administrators, students and faculty. sourcecodester Online Event Booking and Reservation...
Exploit for SQL Injection in Online_Event_Booking_And_Reservation_System_Project Online_Event_Booking_And_Reservation_System
CVE-2021-42667 CVE-2021-42667 - SQL Injection vulnerability in...
Exploit for Cross-site Scripting in Online_Event_Booking_And_Reservation_System_Project Online_Event_Booking_And_Reservation_System
CVE-2021-42663 CVE-2021-42662 - HTML Injection vulnerability i...
Exploit for Cross-site Scripting in Online_Event_Booking_And_Reservation_System_Project Online_Event_Booking_And_Reservation_System
CVE-2021-42663 CVE-2021-42662 - HTML Injection vulnerability i...
Exploit for Cross-site Scripting in Online_Event_Booking_And_Reservation_System_Project Online_Event_Booking_And_Reservation_System
CVE-2021-42662 CVE-2021-42662 - Stored Cross-Site Scripting vu...