Lucene search
K

29 matches found

CVE
CVE
added 2025/10/07 4:2 p.m.11 views

CVE-2025-11400

SourceCodester Hotel and Lodge Management System 1.0 contains a SQL injection vulnerability in the /del_room.php endpoint triggered by manipulating the ID parameter. The CVE-2025-11400 entries indicate remote exploitation with publicly available exploits. The issue is documented with multiple ven...

9.8CVSS6.8AI score0.00323EPSS
Exploits1References5Affected Software1
RedhatCVE
RedhatCVE
added 2025/09/29 3:37 p.m.6 views

CVE-2025-11108

A vulnerability was determined in code-projects Simple Scheduling System 1.0. Impacted is an unknown function of the file /schedulingsystem/addroom.php. Executing manipulation of the argument room can lead to sql injection. The attack may be performed from remote. The exploit has been publicly...

7.5CVSS7AI score0.00384EPSS
Exploits1References1
OSV
OSV
added 2025/09/28 3:15 p.m.4 views

CVE-2025-11108

A vulnerability was determined in code-projects Simple Scheduling System 1.0. Impacted is an unknown function of the file /schedulingsystem/addroom.php. Executing manipulation of the argument room can lead to sql injection. The attack may be performed from remote. The exploit has been publicly...

9.8CVSS5.7AI score0.00384EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/09/28 12:0 a.m.6 views

Code-Projects Simple Scheduling System SQL注入漏洞

Simple Scheduling System is a simple scheduling system. Simple Scheduling System suffers from a SQL injection vulnerability that stems from the failure of the /schedulingsystem/addroom.php file to effectively filter the room parameter. No details of the vulnerability are available at this time...

9.8CVSS7.9AI score0.00384EPSS
Exploits1References6
OSV
OSV
added 2024/11/28 4:15 p.m.4 views

CVE-2024-11963

A vulnerability, which was classified as critical, has been found in code-projects Responsive Hotel Site 1.0. Affected by this issue is some unknown functionality of the file /admin/room.php. The manipulation of the argument troom leads to sql injection. The attack may be launched remotely. The...

8.8CVSS5.7AI score
Exploits0References5
Positive Technologies
Positive Technologies
added 2023/09/25 12:0 a.m.6 views

PT-2023-28830 · Unknown · Resort Reservation System

Name of the Vulnerable Software and Affected Versions: Resort Reservation System version 1.0 Description: A Cross Site Scripting XSS issue allows a remote attacker to execute arbitrary code and obtain sensitive information via the room, name, and description parameters in the manage room function...

5.4CVSS6.9AI score0.00535EPSS
Exploits1References6
ATTACKERKB
ATTACKERKB
added 2022/04/11 3:15 p.m.4 views

CVE-2022-1007

The Advanced Booking Calendar WordPress plugin before 1.7.1 does not sanitise and escape the room parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting issue...

6.1CVSS6.3AI score0.01618EPSS
Exploits2References4
OSV
OSV
added 2022/04/11 3:15 p.m.4 views

CVE-2022-1007

The Advanced Booking Calendar WordPress plugin before 1.7.1 does not sanitise and escape the room parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting issue...

6.1CVSS5.8AI score0.01618EPSS
Exploits2References2
Cvelist
Cvelist
added 2007/11/15 12:0 a.m.19 views

CVE-2007-5982

Multiple cross-site scripting XSS vulnerabilities in X7 Chat 2.0.4, 2.0.5, and possibly other versions allow remote attackers to inject arbitrary web script or HTML via the 1 room parameter to sources/frame.php, the 2 themec parameter to help/index.php, or the 3 INSTALLX7CHATVERSION parameter to...

5.9AI score0.03053EPSS
Exploits1References5
Rows per page
Query Builder