EUVD-2025-210035

Incorrect Privilege Assignment vulnerability in Themeisle Masteriyo LMS PRO allows Privilege Escalation. This issue affects Masteriyo LMS PRO: from n/a through 2.20.0...

CVE-2026-25334 WordPress Salon Booking System Pro plugin < 10.30.12 - Account Takeover vulnerability

Incorrect Privilege Assignment vulnerability in wordpresschef Salon Booking System Pro salon-booking-plugin-pro allows Privilege Escalation.This issue affects Salon Booking System Pro: from n/a through 10.30.12...

PT-2026-27901

Name of the Vulnerable Software and Affected Versions Salon Booking System Pro versions prior to 10.30.12 Description An Incorrect Privilege Assignment issue exists in Salon Booking System Pro. This allows for privilege escalation. Recommendations Update Salon Booking System Pro to version 10.30....

WordPress Salon Booking System Pro plugin < 10.30.12 - Account Takeover vulnerability

Account Takeover vulnerability discovered by Phat RiO in WordPress Plugin Salon Booking System Pro versions 10.30.12...

CVE-2025-64214

Missing Authorization vulnerability in StylemixThemes MasterStudy LMS Pro masterstudy-lms-learning-management-system-pro allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects MasterStudy LMS Pro: from n/a through 4.7.16...

WordPress plugin Tutor LMS Pro 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

EUVD-2020-7523

Malware in sbrugna...

Sql injection

A vulnerability classified as critical has been found in Online Hotel Booking System Pro Plugin 1.0. Affected is an unknown function of the file /front/roomtype-details.php. The manipulation of the argument tid leads to sql injection. It is possible to launch the attack remotely. The exploit has...

CVE-2017-20125 Online Hotel Booking System Pro roomtype-details.php sql injection

A vulnerability classified as critical was found in Online Hotel Booking System Pro 1.2. Affected by this vulnerability is an unknown functionality of the file /roomtype-details.php. The manipulation of the argument tid leads to sql injection. The attack can be launched remotely. The exploit has...

CVE-2017-20124

The CVE-2017-20124 entry affects Online Hotel Booking System Pro Plugin 1.0, specifically the /front/roomtype-details.php file. The vulnerability stems from unsafely handling the tid argument, causing an SQL injection that can be triggered remotely. Public exploits have been disclosed (e.g., Expl...

WordPress Plugin Online Hotel Booking System Pro SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerabili...

CVE-2020-23984

CVE-2020-23984 affects Online Hotel Booking System Pro PHP Version 1.3, with a persistent cross-site scripting flaw in the Customer registration-form all-tags. The Red Hat/CNVD/NVD entries corroborate a client-side script execution vulnerability in the registration form. No explicit remediation o...

WordPress bestsoftinc Hotel Booking System Pro Cross-Site Scripting Vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. bestsoftinc Hotel Booking System Pro is a hotel booking system plugin used in it. A cross-site scripting vulnerability exists in...

CVE-2020-15536

An issue was discovered in the bestsoftinc Hotel Booking System Pro plugin through 1.1 for WordPress. Persistent XSS can occur via any of the registration fields...

CVE-2020-15536

The CVE-2020-15536 entry concerns the WordPress plugin bestsoftinc Hotel Booking System Pro (versions up to 1.1). Multiple connected sources confirm a persistent (stored) cross-site scripting vulnerability affecting registration/booking input fields, allowing injected script to execute in context...

WordPress Online Hotel Booking System Pro premium plugin <= 1.0 - SQL Injection (SQLi) vulnerability

SQL Injection SQLi vulnerability discovered by Ihsan Sencan in WordPress Online Hotel Booking System Pro premium plugin versions = 1.0. Solution Update the WordPress Online Hotel Booking System Pro premium plugin to the latest available version at least 1.1...

Online Hotel Booking System Pro Cross-Site Scripting Vulnerability

Online Hotel Booking System Pro is an online hotel booking system. Cross-site scripting vulnerabilities exist in the booking-failure.php page in Online Hotel Booking System Pro version 1.2, where the program fails to adequately filter user-submitted input. An attacker could exploit these...

Booking System Pro CSRF Vulnerability

No description provided by source. Exploit Title: Booking System Pro CSRF Vulnerability Date: 28/08/2012 Author: DaOne @LibyanCA Vendor: http://www.neptunescripts.com/products Price: $39 CSRF Add Admin html body onload=document.form0.submit; form method=POST name=form0...

Booking System Pro - Cross-Site Request Forgery

Exploit Title: Booking System Pro CSRF Vulnerability Date: 28/08/2012 Author: DaOne @LibyanCA Vendor: http://www.neptunescripts.com/products Price: $39 CSRF Add Admin...