14 matches found
CVE-2019-25750
Joomla Component J-MultipleHotelReservation 6.0.7 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the hotelid parameter. Attackers can send POST requests to the search-hotels endpoint with crafted S...
EUVD-2019-20186
Joomla Component J-MultipleHotelReservation 6.0.7 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the hotelid parameter. Attackers can send POST requests to the search-hotels endpoint with crafted S...
PT-2026-50986
Name of the Vulnerable Software and Affected Versions Joomla Component J-MultipleHotelReservation version 6.0.7 Description An SQL injection allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code. This is achieved by sending POST requests to the...
CVE-2025-15127
A security vulnerability has been detected in FantasticLBP HotelsServer up to 67b44df162fab26df209bd5d5d542875fcbec1d0. Affected by this issue is some unknown functionality of the file /controller/api/Room.php. Such manipulation of the argument hotelId leads to sql injection. The attack may be...
CVE-2025-15127
A security vulnerability has been detected in FantasticLBP HotelsServer up to 67b44df162fab26df209bd5d5d542875fcbec1d0. Affected by this issue is some unknown functionality of the file /controller/api/Room.php. Such manipulation of the argument hotelId leads to sql injection. The attack may be...
CVE-2025-15127 FantasticLBP Hotels_Server Room.php sql injection
A security vulnerability has been detected in FantasticLBP HotelsServer up to 67b44df162fab26df209bd5d5d542875fcbec1d0. Affected by this issue is some unknown functionality of the file /controller/api/Room.php. Such manipulation of the argument hotelId leads to sql injection. The attack may be...
CVE-2025-15127 FantasticLBP Hotels_Server Room.php sql injection
A security vulnerability has been detected in FantasticLBP HotelsServer up to 67b44df162fab26df209bd5d5d542875fcbec1d0. Affected by this issue is some unknown functionality of the file /controller/api/Room.php. Such manipulation of the argument hotelId leads to sql injection. The attack may be...
CVE-2025-15127
CVE-2025-15127 affects FantasticLBP Hotels_Server, with the vulnerability located in /controller/api/Room.php. Manipulating the hotelId parameter can lead to a SQL injection. The issue is reported to be exploitable remotely, and public exploit details exist. Affected versions are not specified in...
CVE-2023-50864
Travel Website v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'hotelId' parameter of the hotelDetails.php resource does not validate the characters received and they are sent unfiltered to the database...
CVE-2023-50863
Travel Website v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'hotelIDHidden' parameter of the generateReceipt.php resource does not validate the characters received and they are sent unfiltered to the database...
Travel Website SQL Injection Vulnerability
Travel Website is a PHP-based travel website. A SQL injection vulnerability exists in Travel Website v1.0, which occurs when the hotelIDHidden parameter on the booking.php page is processed without filtering and then sent to the database for processing...
PT-2024-13979 · Unknown · Travel Website
Name of the Vulnerable Software and Affected Versions: Travel Website version 1.0 Description: The issue concerns multiple Unauthenticated SQL Injection vulnerabilities. Specifically, the hotelIDHidden parameter of the "booking.php" resource does not validate the characters received, and they are...
Accommodation Hotel Booking Portal - hotel_id SQL Injection
Accommodation Hotel Booking Portal - hotelid SQL Injection Viva IslaM Viva IslaM Remote SQL Injection Vulnerability hotel.php hotelid Accommodation Hotel Booking Portal http://www.tourismscripts.com AuTh0r : Mr.SQL H0ME : WwW.55a.NeT Email : [email protected] -: ExploiteS :-...
Accommodation Hotel Booking Portal - 'hotel_id' SQL Injection
Viva IslaM Viva IslaM Remote SQL Injection Vulnerability hotel.php hotelid Accommodation Hotel Booking Portal http://www.tourismscripts.com AuTh0r : Mr.SQL H0ME : WwW.55a.NeT Email : [email protected] -: ExploiteS :-...