62 matches found
CVE-2024-7280
CVE-2024-7280 affects SourceCodester Lot Reservation Management System 1.0. A SQL injection vulnerability exists in /admin/view_reserved.php caused by unsafely handling the id parameter, potentially exploitable remotely. The exploit has been publicized. Connected sources indicate a workaround: av...
CVE-2024-7279 SourceCodester Lot Reservation Management System sql injection
A vulnerability was found in SourceCodester Lot Reservation Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/ajax.php?action=login. The manipulation of the argument username leads to sql injection. The attack can be initiated...
CVE-2024-7279
SourceCodester Lot Reservation Management System 1.0 contains a SQL injection vulnerability in the login endpoint /admin/ajax.php?action=login. The username parameter is unsafely handled, enabling remote exploitation with no privileges required and no user interaction. The vulnerability is public...
SourceCodester Lot Reservation Management System SQL注入漏洞
SourceCodester Lot Reservation Management System is a parking lot reservation management system from SourceCodester, Inc. A SQL injection vulnerability exists in SourceCodester Lot Reservation Management System version 1.0, which stems from an incorrect manipulation of the parameter id that can...
CVE-2024-7224
A vulnerability was found in SourceCodester Lot Reservation Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /lotdetails.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The...
CVE-2024-7224 SourceCodester Lot Reservation Management System lot_details.php sql injection
A vulnerability was found in SourceCodester Lot Reservation Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /lotdetails.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The...
CVE-2024-7224
CVE-2024-7224 concerns SourceCodester Lot Reservation Management System 1.0. The vulnerability is in the /lot_details.php file where manipulating the id argument leads to a SQL injection. The issue can be exploited remotely, and public exploit information is available. Connected documents do not ...
CVE-2024-7223 SourceCodester Lot Reservation Management System view_model.php sql injection
A vulnerability has been found in SourceCodester Lot Reservation Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /viewmodel.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely...
CVE-2024-7223 SourceCodester Lot Reservation Management System view_model.php sql injection
A vulnerability has been found in SourceCodester Lot Reservation Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /viewmodel.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely...
CVE-2024-7222
A vulnerability, which was classified as critical, was found in SourceCodester Lot Reservation Management System 1.0. Affected is an unknown function of the file /home.php. The manipulation of the argument type leads to sql injection. It is possible to launch the attack remotely. The exploit has...
CVE-2024-7222 SourceCodester Lot Reservation Management System home.php sql injection
A vulnerability, which was classified as critical, was found in SourceCodester Lot Reservation Management System 1.0. Affected is an unknown function of the file /home.php. The manipulation of the argument type leads to sql injection. It is possible to launch the attack remotely. The exploit has...
CVE-2024-7222 SourceCodester Lot Reservation Management System home.php sql injection
A vulnerability, which was classified as critical, was found in SourceCodester Lot Reservation Management System 1.0. Affected is an unknown function of the file /home.php. The manipulation of the argument type leads to sql injection. It is possible to launch the attack remotely. The exploit has...
CVE-2024-7222
CVE-2024-7222 affects SourceCodester Lot Reservation Management System 1.0. The vulnerability is in an unknown function of the file /home.php, where manipulation of the parameter named type leads to SQL injection. It can be exploited remotely and the exploit has been disclosed publicly. Multiple ...
CVE-2021-41511
The username and password field of login in Lodging Reservation Management System V1 can give access to any user by using SQL injection to bypass authentication...
Sql injection
The username and password field of login in Lodging Reservation Management System V1 can give access to any user by using SQL injection to bypass authentication...
CVE-2021-41511
CVE-2021-41511 describes an SQL injection in the login fields of Lodging Reservation Management System V1 that can bypass authentication and grant access to arbitrary users. Root cause: unsafe input handling in username/password fields leading to SQL injection. Impact: authentication bypass with ...
CVE-2021-41511
The username and password field of login in Lodging Reservation Management System V1 can give access to any user by using SQL injection to bypass authentication...
Lodging Reservation Management System 1.0 - Authentication Bypass
Exploit Title: Lodging Reservation Management System 1.0 - Authentication Bypass Date: 2021-09-20 Exploit Author: Nitin Sharmavidvansh Vendor Homepage: https://www.sourcecodester.com/php/14883/lodging-reservation-management-system-php-free-source-code.html Software Link:...
U.S. Government, Military Personnel Data Leaked By Autoclerk
A leaky database owned by reservations management system Autoclerk has exposed the personal data and travel information for thousands of users – including U.S. government and military personnel. Autoclerk, which was acquired by the Best Western Hotel and Resorts Group in August, provides...
Hotel Booking Script 3.4 - Cross-Site Request Forgery (Change Admin Password)
Hotel Booking Script 3.4 - Cross-Site Request Forgery Change Admin Password Exploit Title: Admin Account take over Via CSRF Google Dork: N/A Date: 17-12-2018 Exploit Author: Sainadh Jamalpur Vendor Homepage: https://www.phpjabbers.com/hotel-booking-system/ Software Link:...