Lucene search
+L

62 matches found

CVE
CVE
added 2024/07/31 1:0 a.m.58 views

CVE-2024-7280

CVE-2024-7280 affects SourceCodester Lot Reservation Management System 1.0. A SQL injection vulnerability exists in /admin/view_reserved.php caused by unsafely handling the id parameter, potentially exploitable remotely. The exploit has been publicized. Connected sources indicate a workaround: av...

9.8CVSS6.9AI score0.00581EPSS
Exploits1References4Affected Software1
Vulnrichment
Vulnrichment
added 2024/07/31 12:31 a.m.16 views

CVE-2024-7279 SourceCodester Lot Reservation Management System sql injection

A vulnerability was found in SourceCodester Lot Reservation Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/ajax.php?action=login. The manipulation of the argument username leads to sql injection. The attack can be initiated...

7.5CVSS7.5AI score0.0069EPSS
Exploits1References4
CVE
CVE
added 2024/07/31 12:31 a.m.65 views

CVE-2024-7279

SourceCodester Lot Reservation Management System 1.0 contains a SQL injection vulnerability in the login endpoint /admin/ajax.php?action=login. The username parameter is unsafely handled, enabling remote exploitation with no privileges required and no user interaction. The vulnerability is public...

9.8CVSS7.6AI score0.0069EPSS
Exploits1References4Affected Software1
CNNVD
CNNVD
added 2024/07/31 12:0 a.m.4 views

SourceCodester Lot Reservation Management System SQL注入漏洞

SourceCodester Lot Reservation Management System is a parking lot reservation management system from SourceCodester, Inc. A SQL injection vulnerability exists in SourceCodester Lot Reservation Management System version 1.0, which stems from an incorrect manipulation of the parameter id that can...

9.8CVSS7.3AI score0.00581EPSS
Exploits1References5
NVD
NVD
added 2024/07/30 8:15 a.m.21 views

CVE-2024-7224

A vulnerability was found in SourceCodester Lot Reservation Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /lotdetails.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The...

9.8CVSS0.00511EPSS
Exploits1References4
Cvelist
Cvelist
added 2024/07/30 8:0 a.m.28 views

CVE-2024-7224 SourceCodester Lot Reservation Management System lot_details.php sql injection

A vulnerability was found in SourceCodester Lot Reservation Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /lotdetails.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The...

6.5CVSS0.00511EPSS
Exploits1References4
CVE
CVE
added 2024/07/30 8:0 a.m.58 views

CVE-2024-7224

CVE-2024-7224 concerns SourceCodester Lot Reservation Management System 1.0. The vulnerability is in the /lot_details.php file where manipulating the id argument leads to a SQL injection. The issue can be exploited remotely, and public exploit information is available. Connected documents do not ...

9.8CVSS6.8AI score0.00511EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2024/07/30 7:31 a.m.28 views

CVE-2024-7223 SourceCodester Lot Reservation Management System view_model.php sql injection

A vulnerability has been found in SourceCodester Lot Reservation Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /viewmodel.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely...

6.5CVSS0.0052EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2024/07/30 7:31 a.m.13 views

CVE-2024-7223 SourceCodester Lot Reservation Management System view_model.php sql injection

A vulnerability has been found in SourceCodester Lot Reservation Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /viewmodel.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely...

6.5CVSS7.4AI score0.0052EPSS
Exploits1References4
NVD
NVD
added 2024/07/30 7:15 a.m.22 views

CVE-2024-7222

A vulnerability, which was classified as critical, was found in SourceCodester Lot Reservation Management System 1.0. Affected is an unknown function of the file /home.php. The manipulation of the argument type leads to sql injection. It is possible to launch the attack remotely. The exploit has...

9.8CVSS0.00595EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2024/07/30 7:0 a.m.15 views

CVE-2024-7222 SourceCodester Lot Reservation Management System home.php sql injection

A vulnerability, which was classified as critical, was found in SourceCodester Lot Reservation Management System 1.0. Affected is an unknown function of the file /home.php. The manipulation of the argument type leads to sql injection. It is possible to launch the attack remotely. The exploit has...

6.5CVSS7.6AI score0.00595EPSS
Exploits1References4
Cvelist
Cvelist
added 2024/07/30 7:0 a.m.24 views

CVE-2024-7222 SourceCodester Lot Reservation Management System home.php sql injection

A vulnerability, which was classified as critical, was found in SourceCodester Lot Reservation Management System 1.0. Affected is an unknown function of the file /home.php. The manipulation of the argument type leads to sql injection. It is possible to launch the attack remotely. The exploit has...

6.5CVSS0.00595EPSS
Exploits1References4
CVE
CVE
added 2024/07/30 7:0 a.m.53 views

CVE-2024-7222

CVE-2024-7222 affects SourceCodester Lot Reservation Management System 1.0. The vulnerability is in an unknown function of the file /home.php, where manipulation of the parameter named type leads to SQL injection. It can be exploited remotely and the exploit has been disclosed publicly. Multiple ...

9.8CVSS6.9AI score0.00595EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2021/10/04 1:15 p.m.11 views

CVE-2021-41511

The username and password field of login in Lodging Reservation Management System V1 can give access to any user by using SQL injection to bypass authentication...

9.8CVSS0.03235EPSS
Exploits1References7
Prion
Prion
added 2021/10/04 1:15 p.m.11 views

Sql injection

The username and password field of login in Lodging Reservation Management System V1 can give access to any user by using SQL injection to bypass authentication...

7.5CVSS9.9AI score0.03235EPSS
Exploits1References7Affected Software1
CVE
CVE
added 2021/10/04 12:17 p.m.61 views

CVE-2021-41511

CVE-2021-41511 describes an SQL injection in the login fields of Lodging Reservation Management System V1 that can bypass authentication and grant access to arbitrary users. Root cause: unsafe input handling in username/password fields leading to SQL injection. Impact: authentication bypass with ...

9.8CVSS9.9AI score0.03235EPSS
Exploits1References7Affected Software1
Cvelist
Cvelist
added 2021/10/04 12:17 p.m.17 views

CVE-2021-41511

The username and password field of login in Lodging Reservation Management System V1 can give access to any user by using SQL injection to bypass authentication...

10AI score0.03235EPSS
Exploits1References7
Exploit DB
Exploit DB
added 2021/10/04 12:0 a.m.402 views

Lodging Reservation Management System 1.0 - Authentication Bypass

Exploit Title: Lodging Reservation Management System 1.0 - Authentication Bypass Date: 2021-09-20 Exploit Author: Nitin Sharmavidvansh Vendor Homepage: https://www.sourcecodester.com/php/14883/lodging-reservation-management-system-php-free-source-code.html Software Link:...

7.4AI score
Exploits0
ThreatPost
ThreatPost
added 2019/10/21 7:36 p.m.74 views

U.S. Government, Military Personnel Data Leaked By Autoclerk

A leaky database owned by reservations management system Autoclerk has exposed the personal data and travel information for thousands of users – including U.S. government and military personnel. Autoclerk, which was acquired by the Best Western Hotel and Resorts Group in August, provides...

7AI score
Exploits0References8
exploitpack
exploitpack
added 2018/12/19 12:0 a.m.14 views

Hotel Booking Script 3.4 - Cross-Site Request Forgery (Change Admin Password)

Hotel Booking Script 3.4 - Cross-Site Request Forgery Change Admin Password Exploit Title: Admin Account take over Via CSRF Google Dork: N/A Date: 17-12-2018 Exploit Author: Sainadh Jamalpur Vendor Homepage: https://www.phpjabbers.com/hotel-booking-system/ Software Link:...

7.4AI score
Exploits0
Rows per page
Query Builder