CVE-2025-65132

alandsilva26 hotel-management-php 1.0 is vulnerable to Cross Site Scripting XSS in /public/admin/editroom.php which allows an attacker to inject and execute arbitrary JavaScript via the roomid GET parameter...

CVE-2025-65132

alandsilva26 hotel-management-php 1.0 is vulnerable to Cross Site Scripting XSS in /public/admin/editroom.php which allows an attacker to inject and execute arbitrary JavaScript via the roomid GET parameter...

PT-2026-32656

alandsilva26 hotel-management-php 1.0 is vulnerable to Cross Site Scripting XSS in /public/admin/edit room.php which allows an attacker to inject and execute arbitrary JavaScript via the room id GET parameter...

CVE-2025-65132

alandsilva26 hotel-management-php 1.0 is vulnerable to Cross Site Scripting XSS in /public/admin/editroom.php which allows an attacker to inject and execute arbitrary JavaScript via the roomid GET parameter...

EUVD-2026-22002

Sourcecodester Online Resort Management System v1.0 is vulnerable to SQL injection in /orms/admin/rooms/viewroom.php...

CVE-2025-63949

A Reflected Cross-Site Scripting XSS vulnerability in yohanawi Hotel Management System commit 87e004a allows a remote attacker to execute arbitrary web script via the 'error' parameter in pages/room.php...

CVE-2025-63949

CVE-2025-63949 describes a reflected XSS in the yohanawi Hotel Management System. All connected documents identify the vulnerability as caused by an unfiltered input in the error parameter of the pages/room.php endpoint, with the commit noted as 87e004a. The impact is remote code execution of arb...

CVE-2025-11472

A flaw has been found in SourceCodester Hotel and Lodge Management System 1.0. This impacts an unknown function of the file /editroom.php. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been published and may be used...

CVE-2025-11399

A security vulnerability has been detected in SourceCodester Hotel and Lodge Management System 1.0. This affects an unknown function of the file /pages/saveroom.php. The manipulation of the argument floorno leads to sql injection. Remote exploitation of the attack is possible. The exploit has bee...

EUVD-2025-32727

A security vulnerability has been detected in SourceCodester Hotel and Lodge Management System 1.0. This affects an unknown function of the file /pages/saveroom.php. The manipulation of the argument floorno leads to sql injection. Remote exploitation of the attack is possible. The exploit has bee...

CVE-2023-3309

A vulnerability classified as problematic was found in SourceCodester Resort Reservation System 1.0. Affected by this vulnerability is an unknown functionality of the file ?page=rooms of the component Manage Room Page. The manipulation of the argument Cottage Number leads to cross site scripting...

CVE-2025-29430

Code-projects Online Class and Exam Scheduling System V1.0 is vulnerable to Cross Site Scripting XSS in /pages/room.php via the id and rome parameters...

CVE-2024-13019

A vulnerability classified as problematic has been found in code-projects Chat System 1.0. Affected is an unknown function of the file /admin/updateroom.php of the component Chat Room Page. The manipulation of the argument name leads to cross site scripting. It is possible to launch the attack...

CVE-2024-13019 code-projects Chat System Chat Room Page update_room.php cross site scripting

A vulnerability classified as problematic has been found in code-projects Chat System 1.0. Affected is an unknown function of the file /admin/updateroom.php of the component Chat Room Page. The manipulation of the argument name leads to cross site scripting. It is possible to launch the attack...

PT-2024-17877 · Unknown · Code-Projects Chat System

Name of the Vulnerable Software and Affected Versions: code-projects Chat System version 1.0 Description: A vulnerability has been found in the code-projects Chat System. The issue affects an unknown function of the file /admin/update room.php of the component Chat Room Page. The manipulation of...

Responsive Hotel Site room.php File SQL Injection Vulnerability

Responsive Hotel Site is a responsive hotel website. Responsive Hotel Site suffers from a SQL injection vulnerability that stems from a lack of validation of externally-entered SQL statements in the parameter troom of file /admin/room.php. An attacker can exploit this vulnerability to execute...

CVE-2024-9806

Craig Rodway Classroombookings

CVE-2024-9806 Craig Rodway Classroombookings Room Page fields cross site scripting

A vulnerability has been found in Craig Rodway Classroombookings up to 2.8.6 and classified as problematic. This vulnerability affects unknown code of the file /rooms/fields of the component Room Page. The manipulation of the argument Name leads to cross site scripting. The attack can be initiate...

PT-2024-39851 · Craig Rodway · Classroombookings

Name of the Vulnerable Software and Affected Versions: Craig Rodway Classroombookings versions up to 2.8.6 Description: A vulnerability has been found in the component Room Page, affecting unknown code of the file /rooms/fields. The manipulation of the argument Name leads to cross-site scripting...

Classroombookings 跨站脚本漏洞

Classroombookings is a Php, Mysql based school room booking system by Craig A Rodway, an individual developer. A cross-site scripting vulnerability exists in Classroombookings version 2.8.6 and earlier, which stems from the parameter Name in the file/rooms/fields of the component Room Page can le...