Lucene search
+L

54 matches found

CVE
CVE
added 2 hours ago8 views

CVE-2026-16154

SourceCodester Class and Exam Timetabling System 1.0/1.php has an SQL injection vulnerability in /edit_room1.php triggered by manipulating the ID parameter. The issue is remotely exploitable with a publicly disclosed exploit. Affected functionality is unknown on the /edit_room1.php file; root cau...

7.5CVSS7AI score
Exploits0References6
Cvelist
Cvelist
added 2 hours ago6 views

CVE-2026-16154 SourceCodester Class and Exam Timetabling System edit_room1.php sql injection

A vulnerability was determined in SourceCodester Class and Exam Timetabling System 1.0/1.php. Affected by this vulnerability is an unknown functionality of the file /editroom1.php. Executing a manipulation of the argument ID can lead to sql injection. The attack may be performed from remote. The...

7.5CVSS
Exploits0References6
NVD
NVD
added 2026/07/05 9:16 p.m.9 views

CVE-2026-14770

A vulnerability was detected in SourceCodester Class and Exam Timetabling System 1.0. Impacted is an unknown function of the file /editroom.php. Performing a manipulation of the argument ID results in sql injection. It is possible to initiate the attack remotely. The exploit is now public and may...

7.5CVSS0.00269EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/07/05 9:0 p.m.7 views

CVE-2026-14770

A vulnerability was detected in SourceCodester Class and Exam Timetabling System 1.0. Impacted is an unknown function of the file /editroom.php. Performing a manipulation of the argument ID results in sql injection. It is possible to initiate the attack remotely. The exploit is now public and may...

7.5CVSS6.9AI score0.00269EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2026/07/05 9:0 p.m.19 views

CVE-2026-14770

The CVE-2026-14770 entry affects SourceCodester Class and Exam Timetabling System 1.0. The vulnerability is an SQL injection in the /edit_room.php script caused by manipulating the ID parameter, allowing remote initiation of an attack. This is supported by multiple connected sources that describe...

7.5CVSS6.9AI score0.00269EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/07/05 9:0 p.m.29 views

CVE-2026-14770 SourceCodester Class and Exam Timetabling System edit_room.php sql injection

A vulnerability was detected in SourceCodester Class and Exam Timetabling System 1.0. Impacted is an unknown function of the file /editroom.php. Performing a manipulation of the argument ID results in sql injection. It is possible to initiate the attack remotely. The exploit is now public and may...

7.5CVSS0.00269EPSS
Exploits0References6
EUVD
EUVD
added 2026/07/05 9:0 p.m.8 views

EUVD-2026-41780

A vulnerability was detected in SourceCodester Class and Exam Timetabling System 1.0. Impacted is an unknown function of the file /editroom.php. Performing a manipulation of the argument ID results in sql injection. It is possible to initiate the attack remotely. The exploit is now public and may...

7.5CVSS6.9AI score0.00269EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/07/05 12:0 a.m.11 views

PT-2026-55822

Name of the Vulnerable Software and Affected Versions SourceCodester Class and Exam Timetabling System version 1.0 Description An issue exists in the /edit room.php file where manipulating the ID argument allows for SQL injection, a technique used to interfere with the queries that an application...

7.5CVSS7.1AI score0.00269EPSS
Exploits0References10
RedhatCVE
RedhatCVE
added 2026/06/05 7:51 p.m.13 views

CVE-2025-65132

alandsilva26 hotel-management-php 1.0 is vulnerable to Cross Site Scripting XSS in /public/admin/editroom.php which allows an attacker to inject and execute arbitrary JavaScript via the roomid GET parameter...

6.1CVSS5.8AI score0.00181EPSS
Exploits1References1
EUVD
EUVD
added 2026/04/14 6:30 p.m.5 views

EUVD-2025-209443

alandsilva26 hotel-management-php 1.0 is vulnerable to Cross Site Scripting XSS in /public/admin/editroom.php which allows an attacker to inject and execute arbitrary JavaScript via the roomid GET parameter...

6.1CVSS6AI score0.00181EPSS
Exploits1References2
NVD
NVD
added 2026/04/14 4:16 p.m.5 views

CVE-2025-65132

alandsilva26 hotel-management-php 1.0 is vulnerable to Cross Site Scripting XSS in /public/admin/editroom.php which allows an attacker to inject and execute arbitrary JavaScript via the roomid GET parameter...

6.1CVSS0.00181EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/04/14 12:0 a.m.11 views

Hotel management system using php and mysql. 安全漏洞

Hotel Management System Using PHP and MySQL is a hotel management system developed by Alan Dsilva. Version 1.0 of this system has a security vulnerability, which stems from improper handling of the roomid GET parameter in the file /public/admin/edit-room.php. This vulnerability could allow...

6.1CVSS6.1AI score0.00181EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/04/14 12:0 a.m.4 views

CVE-2025-65132

alandsilva26 hotel-management-php 1.0 is vulnerable to Cross Site Scripting XSS in /public/admin/editroom.php which allows an attacker to inject and execute arbitrary JavaScript via the roomid GET parameter...

6AI score0.00181EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/04/14 12:0 a.m.6 views

PT-2026-32656

alandsilva26 hotel-management-php 1.0 is vulnerable to Cross Site Scripting XSS in /public/admin/edit room.php which allows an attacker to inject and execute arbitrary JavaScript via the room id GET parameter...

6.1CVSS6AI score0.00181EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/04/14 12:0 a.m.29 views

CVE-2025-65132

alandsilva26 hotel-management-php 1.0 is vulnerable to Cross Site Scripting XSS in /public/admin/editroom.php which allows an attacker to inject and execute arbitrary JavaScript via the roomid GET parameter...

0.00181EPSS
Exploits1References1
CVE
CVE
added 2026/04/14 12:0 a.m.10 views

CVE-2025-65132

The CVE-2025-65132 entry corresponds to a reflected Cross-Site Scripting (XSS) vulnerability in alandsilva26/hotel-management-php 1.0. The affected component is the admin-facing edit_room.php, where an attacker can inject and execute arbitrary JavaScript through the room_id GET parameter. This is...

6.1CVSS6AI score0.00181EPSS
Exploits1References1
CNVD
CNVD
added 2025/11/05 12:0 a.m.2 views

Simple Online Hotel Reservation System Code Issue Vulnerability

Simple Online Hotel Reservation System is a simple online hotel reservation system. Simple Online Hotel Reservation System has a code issue vulnerability that stems from a lack of valid validation of uploaded files by the Photo Handler component in file /admin/editroom.php. An attacker can use th...

7.2CVSS7.3AI score0.00387EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/11/03 6:46 a.m.14 views

CVE-2025-12593

A vulnerability was identified in code-projects Simple Online Hotel Reservation System 2.0. The impacted element is an unknown function of the file /admin/editroom.php of the component Photo Handler. The manipulation leads to unrestricted upload. The attack is possible to be carried out remotely...

7.2CVSS4.8AI score0.00387EPSS
Exploits1References1
EUVD
EUVD
added 2025/11/02 6:30 a.m.4 views

EUVD-2025-37439

A vulnerability was identified in code-projects Simple Online Hotel Reservation System 2.0. The impacted element is an unknown function of the file /admin/editroom.php of the component Photo Handler. The manipulation leads to unrestricted upload. The attack is possible to be carried out remotely...

5.8CVSS6.2AI score0.00387EPSS
Exploits1References7
Cvelist
Cvelist
added 2025/11/02 6:2 a.m.16 views

CVE-2025-12593 code-projects Simple Online Hotel Reservation System Photo edit_room.php unrestricted upload

A vulnerability was identified in code-projects Simple Online Hotel Reservation System 2.0. The impacted element is an unknown function of the file /admin/editroom.php of the component Photo Handler. The manipulation leads to unrestricted upload. The attack is possible to be carried out remotely...

5.8CVSS0.00387EPSS
Exploits1References5
Rows per page
Query Builder