14 matches found
CVE-2026-25334 WordPress Salon Booking System Pro plugin < 10.30.12 - Account Takeover vulnerability
Incorrect Privilege Assignment vulnerability in wordpresschef Salon Booking System Pro salon-booking-plugin-pro allows Privilege Escalation.This issue affects Salon Booking System Pro: from n/a through 10.30.12...
WordPress Salon Booking System Pro plugin < 10.30.12 - Account Takeover vulnerability
Account Takeover vulnerability discovered by Phat RiO in WordPress Plugin Salon Booking System Pro versions 10.30.12...
EUVD-2020-7523
Malware in sbrugna...
Sql injection
A vulnerability classified as critical has been found in Online Hotel Booking System Pro Plugin 1.0. Affected is an unknown function of the file /front/roomtype-details.php. The manipulation of the argument tid leads to sql injection. It is possible to launch the attack remotely. The exploit has...
CVE-2017-20125 Online Hotel Booking System Pro roomtype-details.php sql injection
A vulnerability classified as critical was found in Online Hotel Booking System Pro 1.2. Affected by this vulnerability is an unknown functionality of the file /roomtype-details.php. The manipulation of the argument tid leads to sql injection. The attack can be launched remotely. The exploit has...
CVE-2017-20124
The CVE-2017-20124 entry affects Online Hotel Booking System Pro Plugin 1.0, specifically the /front/roomtype-details.php file. The vulnerability stems from unsafely handling the tid argument, causing an SQL injection that can be triggered remotely. Public exploits have been disclosed (e.g., Expl...
CVE-2020-23984
CVE-2020-23984 affects Online Hotel Booking System Pro PHP Version 1.3, with a persistent cross-site scripting flaw in the Customer registration-form all-tags. The Red Hat/CNVD/NVD entries corroborate a client-side script execution vulnerability in the registration form. No explicit remediation o...
WordPress bestsoftinc Hotel Booking System Pro Cross-Site Scripting Vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. bestsoftinc Hotel Booking System Pro is a hotel booking system plugin used in it. A cross-site scripting vulnerability exists in...
CVE-2020-15536
The CVE-2020-15536 entry concerns the WordPress plugin bestsoftinc Hotel Booking System Pro (versions up to 1.1). Multiple connected sources confirm a persistent (stored) cross-site scripting vulnerability affecting registration/booking input fields, allowing injected script to execute in context...
CVE-2020-15536
An issue was discovered in the bestsoftinc Hotel Booking System Pro plugin through 1.1 for WordPress. Persistent XSS can occur via any of the registration fields...
WordPress Online Hotel Booking System Pro premium plugin <= 1.0 - SQL Injection (SQLi) vulnerability
SQL Injection SQLi vulnerability discovered by Ihsan Sencan in WordPress Online Hotel Booking System Pro premium plugin versions = 1.0. Solution Update the WordPress Online Hotel Booking System Pro premium plugin to the latest available version at least 1.1...
Online Hotel Booking System Pro Cross-Site Scripting Vulnerability
Online Hotel Booking System Pro is an online hotel booking system. Cross-site scripting vulnerabilities exist in the booking-failure.php page in Online Hotel Booking System Pro version 1.2, where the program fails to adequately filter user-submitted input. An attacker could exploit these...
Booking System Pro CSRF Vulnerability
No description provided by source. Exploit Title: Booking System Pro CSRF Vulnerability Date: 28/08/2012 Author: DaOne @LibyanCA Vendor: http://www.neptunescripts.com/products Price: $39 CSRF Add Admin html body onload=document.form0.submit; form method=POST name=form0...
Booking System Pro - Cross-Site Request Forgery
Exploit Title: Booking System Pro CSRF Vulnerability Date: 28/08/2012 Author: DaOne @LibyanCA Vendor: http://www.neptunescripts.com/products Price: $39 CSRF Add Admin...