CVE-2025-65132

The CVE-2025-65132 entry corresponds to a reflected Cross-Site Scripting (XSS) vulnerability in alandsilva26/hotel-management-php 1.0. The affected component is the admin-facing edit_room.php, where an attacker can inject and execute arbitrary JavaScript through the room_id GET parameter. This is...

Simple Online Hotel Reservation System Code Issue Vulnerability

Simple Online Hotel Reservation System is a simple online hotel reservation system. Simple Online Hotel Reservation System has a code issue vulnerability that stems from a lack of valid validation of uploaded files by the Photo Handler component in file /admin/editroom.php. An attacker can use th...

CVE-2025-12593

A vulnerability was identified in code-projects Simple Online Hotel Reservation System 2.0. The impacted element is an unknown function of the file /admin/editroom.php of the component Photo Handler. The manipulation leads to unrestricted upload. The attack is possible to be carried out remotely...

EUVD-2025-37439

A vulnerability was identified in code-projects Simple Online Hotel Reservation System 2.0. The impacted element is an unknown function of the file /admin/editroom.php of the component Photo Handler. The manipulation leads to unrestricted upload. The attack is possible to be carried out remotely...

CVE-2025-12593 code-projects Simple Online Hotel Reservation System Photo edit_room.php unrestricted upload

A vulnerability was identified in code-projects Simple Online Hotel Reservation System 2.0. The impacted element is an unknown function of the file /admin/editroom.php of the component Photo Handler. The manipulation leads to unrestricted upload. The attack is possible to be carried out remotely...

PT-2025-44731

Name of the Vulnerable Software and Affected Versions code-projects Simple Online Hotel Reservation System version 2.0 Description A flaw exists in code-projects Simple Online Hotel Reservation System 2.0 that allows for unrestricted file uploads. This issue is located within the Photo Handler...

CVE-2025-8382

A vulnerability, which was classified as critical, was found in Campcodes Online Hotel Reservation System 1.0. Affected is an unknown function of the file /admin/editroom.php. The manipulation of the argument roomid leads to sql injection. It is possible to launch the attack remotely. The exploit...

CampCodes Online Hotel Reservation System 代码问题漏洞

CampCodes Online Hotel Reservation System is an online hotel reservation system from CampCodes Philippines. A code issue vulnerability exists in version 1.0 of the Campcodes Online Hotel Reservation System, which stems from the incorrect operation of the parameter photo in the file...

CampCodes Online Hotel Reservation System 注入漏洞

CampCodes Online Hotel Reservation System is an online hotel reservation system from CampCodes Philippines. An injection vulnerability exists in Campcodes Online Hotel Reservation System version 1.0, which originates from a SQL injection due to incorrect manipulation of the parameter roomid in th...

Simple Online Hotel Reservation System edit_room.php File SQL Injection Vulnerability

Simple Online Hotel Reservation System is a simple online hotel reservation system. Simple Online Hotel Reservation System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter roomtype in the file...

CVE-2025-6419

A vulnerability was found in code-projects Simple Online Hotel Reservation System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/editroom.php. The manipulation of the argument roomtype leads to sql injection. It is possible to initiate the attack remotely...

Code-Projects Simple Online Hotel Reservation System 注入漏洞

Simple Online Hotel Reservation System is a simple online hotel reservation system. Simple Online Hotel Reservation System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter roomtype in the file...

CVE-2024-42771

A Stored Cross Site Scripting XSS vulnerability was found in " /admin/editroomcontroller.php" of the Kashipara Hotel Management System v1.0, which allows remote attackers to execute arbitrary code via "roomname" parameter...

PT-2024-30142 · Unknown · Kashipara Hotel Management System

Name of the Vulnerable Software and Affected Versions: Kashipara Hotel Management System version 1.0 Description: A Stored Cross Site Scripting XSS issue was found in the "/admin/edit room controller.php" endpoint of the Kashipara Hotel Management System, allowing remote attackers to execute...

DEVOME GRR Code Issue Vulnerability

DEVOME GRR is a resource management and reservation system. A code issue vulnerability exists in DEVOME GRR versions prior to 3.4.1c that stems from the admineditroom.php file failing to properly handle file uploads. A remote attacker could exploit this vulnerability to execute code...