14 matches found
CVE-2026-25334 WordPress Salon Booking System Pro plugin < 10.30.12 - Account Takeover vulnerability
Incorrect Privilege Assignment vulnerability in wordpresschef Salon Booking System Pro salon-booking-plugin-pro allows Privilege Escalation.This issue affects Salon Booking System Pro: from n/a through 10.30.12...
WordPress Salon Booking System Pro plugin < 10.30.12 - Account Takeover vulnerability
Account Takeover vulnerability discovered by Phat RiO in WordPress Plugin Salon Booking System Pro versions 10.30.12...
EUVD-2020-7523
Malware in sbrugna...
Sql injection
A vulnerability classified as critical has been found in Online Hotel Booking System Pro Plugin 1.0. Affected is an unknown function of the file /front/roomtype-details.php. The manipulation of the argument tid leads to sql injection. It is possible to launch the attack remotely. The exploit has...
CVE-2017-20125 Online Hotel Booking System Pro roomtype-details.php sql injection
A vulnerability classified as critical was found in Online Hotel Booking System Pro 1.2. Affected by this vulnerability is an unknown functionality of the file /roomtype-details.php. The manipulation of the argument tid leads to sql injection. The attack can be launched remotely. The exploit has...
CVE-2017-20124
The CVE-2017-20124 entry affects Online Hotel Booking System Pro Plugin 1.0, specifically the /front/roomtype-details.php file. The vulnerability stems from unsafely handling the tid argument, causing an SQL injection that can be triggered remotely. Public exploits have been disclosed (e.g., Expl...
CVE-2020-23984
CVE-2020-23984 affects Online Hotel Booking System Pro PHP Version 1.3, with a persistent cross-site scripting flaw in the Customer registration-form all-tags. The Red Hat/CNVD/NVD entries corroborate a client-side script execution vulnerability in the registration form. No explicit remediation o...
WordPress bestsoftinc Hotel Booking System Pro Cross-Site Scripting Vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. bestsoftinc Hotel Booking System Pro is a hotel booking system plugin used in it. A cross-site scripting vulnerability exists in...
CVE-2020-15536
An issue was discovered in the bestsoftinc Hotel Booking System Pro plugin through 1.1 for WordPress. Persistent XSS can occur via any of the registration fields...
CVE-2020-15536
The CVE-2020-15536 entry concerns the WordPress plugin bestsoftinc Hotel Booking System Pro (versions up to 1.1). Multiple connected sources confirm a persistent (stored) cross-site scripting vulnerability affecting registration/booking input fields, allowing injected script to execute in context...
WordPress Online Hotel Booking System Pro premium plugin <= 1.0 - SQL Injection (SQLi) vulnerability
SQL Injection SQLi vulnerability discovered by Ihsan Sencan in WordPress Online Hotel Booking System Pro premium plugin versions = 1.0. Solution Update the WordPress Online Hotel Booking System Pro premium plugin to the latest available version at least 1.1...
Online Hotel Booking System Pro Cross-Site Scripting Vulnerability
Online Hotel Booking System Pro is an online hotel booking system. Cross-site scripting vulnerabilities exist in the booking-failure.php page in Online Hotel Booking System Pro version 1.2, where the program fails to adequately filter user-submitted input. An attacker could exploit these...
Booking System Pro CSRF Vulnerability
No description provided by source. Exploit Title: Booking System Pro CSRF Vulnerability Date: 28/08/2012 Author: DaOne @LibyanCA Vendor: http://www.neptunescripts.com/products Price: $39 CSRF Add Admin html body onload=document.form0.submit; form method=POST name=form0...
Booking System Pro - Cross-Site Request Forgery
Exploit Title: Booking System Pro CSRF Vulnerability Date: 28/08/2012 Author: DaOne @LibyanCA Vendor: http://www.neptunescripts.com/products Price: $39 CSRF Add Admin...