EUVD-2025-30855

Malicious code in bioql PyPI...

CVE-2024-10413

CVE-2024-10413 affects SourceCodester Online Hotel Reservation System v1.0, specifically the upload function in /guest/update.php where manipulating the image parameter leads to unrestricted file uploads. The issue can be exploited remotely and exploits have been disclosed publicly. Connected sou...

CVE-2024-9811

CVE-2024-9811 affects code-projects Restaurant Reservation System 1.0, with a SQL injection in filter3.php triggered by the company parameter. The vulnerability is exploitable remotely and exploitation has been publicly disclosed. Multiple sources describe the issue as critical, affecting the fil...

CVE-2024-9297

The CVE-2024-9297 entry concerns SourceCodester Online Railway Reservation System 1.0. An improper authorization vulnerability exists in the admin area, where manipulating the page parameter with trains/schedules/system_info on the /admin/ path can be exploited remotely. The impact is described a...

PT-2024-38679 · Unknown · Codeastro Online Railway Reservation System

Name of the Vulnerable Software and Affected Versions: CodeAstro Online Railway Reservation System version 1.0 Description: A vulnerability was found in the system, affecting unknown code of the file /admin/assets/. The manipulation leads to exposure of information through directory listing. The...

CVE-2024-7500

A vulnerability was found in itsourcecode Airline Reservation System 1.0. It has been rated as critical. Affected by this issue is the function savesettings of the file admin/adminclass.php. The manipulation of the argument img leads to unrestricted upload. The attack may be launched remotely. Th...

CVE-2024-7500

CVE-2024-7500 affects itsourcecode Airline Reservation System 1.0. The vulnerable component is the save_settings function in admin/admin_class.php, where manipulation of the img argument enables unrestricted file uploads. The issue is exploitable remotely, and public disclosures exist (VDB-273626...

CVE-2024-7444

CVE-2024-7444 affects itsourcecode Ticket Reservation System 1.0, specifically the login.php of the Login Page. The vulnerability is a SQL injection caused by unsafely handling the username parameter, exploitable remotely via network, with disclosure of exploit. CVSS metrics across sources indica...

CVE-2024-6115

A vulnerability classified as critical was found in itsourcecode Simple Online Hotel Reservation System 1.0. Affected by this vulnerability is an unknown functionality of the file addroom.php. The manipulation of the argument photo leads to unrestricted upload. The attack can be launched remotely...

CVE-2024-6111

A vulnerability classified as critical has been found in itsourcecode Pool of Bethesda Online Reservation System 1.0. This affects an unknown part of the file login.php. The manipulation of the argument email leads to sql injection. It is possible to initiate the attack remotely. The exploit has...

CVE-2024-3350

CVE-2024-3350 affects SourceCodester Aplaya Beach Resort Online Reservation System v1.0, specifically the admin/mod_room/index.php file. The root cause is a SQL injection vulnerability exposed by manipulating the id argument, allowing remote exploitation. Multiple sources confirm this vulnerabili...

CVE-2024-2533

A vulnerability, which was classified as problematic, has been found in MAGESH-K21 Online-College-Event-Hall-Reservation-System 1.0. Affected by this issue is some unknown functionality of the file /admin/update-users.php. The manipulation of the argument id leads to cross site scripting. The...

CVE-2024-2531

A vulnerability classified as critical has been found in MAGESH-K21 Online-College-Event-Hall-Reservation-System 1.0. Affected is an unknown function of the file /admin/update-rooms.php. The manipulation leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has...

CVE-2024-2524

A vulnerability, which was classified as critical, has been found in MAGESH-K21 Online-College-Event-Hall-Reservation-System 1.0. This issue affects some unknown processing of the file /admin/receipt.php. The manipulation of the argument roomid leads to sql injection. The attack may be initiated...

CVE-2024-2516

The CVE relates to MAGESH-K21 Online-College-Event-Hall-Reservation-System 1.0 where the vulnerability is in an unspecified part of home.php. The root cause is manipulation of the id parameter, resulting in SQL injection that can be triggered remotely. Multiple connected sources confirm the issue...

Cross site scripting

A vulnerability has been found in code-projects Simple Online Hotel Reservation System 1.0 and classified as problematic. This vulnerability affects unknown code of the file addreserve.php of the component Make a Reservation Page. The manipulation of the argument Firstname/Lastname with the input...

CVE-2024-0359

A vulnerability was found in code-projects Simple Online Hotel Reservation System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file login.php. The manipulation of the argument username/password leads to sql injection. The attack can be initiated remotely...

Cross site scripting

A vulnerability was found in SourceCodester Dental Clinic Appointment Reservation System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin/service.php of the component POST Parameter Handler. The manipulation of the argument service lea...

Cross site scripting

A vulnerability, which was classified as problematic, was found in SourceCodester Resort Reservation System 1.0. Affected is an unknown function of the file registration.php. The manipulation of the argument fullname leads to cross site scripting. It is possible to launch the attack remotely. The...

CVE-2023-1561

The CVE-2023-1561 entry concerns code-projects’ Simple Online Hotel Reservation System 1.0. Affected is an unknown function in add_room.php where manipulation leads to unrestricted file uploads. The vulnerability enables remote exploitation, per the provided description, with no explicit remediat...