Lucene search
K

4 matches found

EUVD
EUVD
added 2026/06/19 5:8 p.m.6 views

EUVD-2019-20186

Joomla Component J-MultipleHotelReservation 6.0.7 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the hotelid parameter. Attackers can send POST requests to the search-hotels endpoint with crafted S...

8.8CVSS6.3AI score0.00366EPSS
Exploits0References4
OSV
OSV
added 2025/12/28 8:15 a.m.7 views

CVE-2025-15127

A security vulnerability has been detected in FantasticLBP HotelsServer up to 67b44df162fab26df209bd5d5d542875fcbec1d0. Affected by this issue is some unknown functionality of the file /controller/api/Room.php. Such manipulation of the argument hotelId leads to sql injection. The attack may be...

9.8CVSS5.7AI score0.00407EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/12/28 8:2 a.m.31 views

CVE-2025-15127 FantasticLBP Hotels_Server Room.php sql injection

A security vulnerability has been detected in FantasticLBP HotelsServer up to 67b44df162fab26df209bd5d5d542875fcbec1d0. Affected by this issue is some unknown functionality of the file /controller/api/Room.php. Such manipulation of the argument hotelId leads to sql injection. The attack may be...

7.5CVSS0.00407EPSS
Exploits1References4
OSV
OSV
added 2024/01/04 3:15 p.m.7 views

CVE-2023-50864

Travel Website v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'hotelId' parameter of the hotelDetails.php resource does not validate the characters received and they are sent unfiltered to the database...

9.8CVSS5.8AI score0.00672EPSS
Exploits1References2
Rows per page
Query Builder