13 matches found
EUVD-2022-33787
Malicious code in bioql PyPI...
CVE-2024-42773
An Incorrect Access Control vulnerability was found in /admin/editroomcontroller.php in Kashipara Hotel Management System v1.0, which allows an unauthenticated attacker to edit the valid hotel room entries in the administrator section...
Kashipara Hotel Management System Access Control Error Vulnerability (CNVD-2024-37412)
Kashipara Hotel Management System is a hotel management system from Kashipara. An access control error vulnerability exists in Kashipara Hotel Management System v1.0, which can be exploited by an unauthenticated attacker to view valid hotel room information in the administrator interface...
CVE-2024-42772
An Incorrect Access Control vulnerability was found in /admin/rooms.php in Kashipara Hotel Management System v1.0, which allows an unauthenticated attacker to view valid hotel room entries in administrator section...
Lumos System Can Find Hidden Cameras and IoT Devices in Your Airbnb or Hotel Room
A group of academics has devised a system that can be used on a phone or a laptop to identify and locate Wi-Fi-connected hidden IoT devices in unfamiliar physical spaces. With hidden cameras being increasingly used to snoop on individuals in hotel rooms and Airbnbs, the goal is to be able to...
CVE-2022-29449 WordPress Opal Hotel Room Booking plugin <= 1.2.7 - Stored Cross-Site Scripting (XSS) vulnerability
Authenticated contributor or higher user role Stored Cross-Site Scripting XSS vulnerability in Opal Hotel Room Booking plugin = 1.2.7 at WordPress...
CVE-2022-29449 WordPress Opal Hotel Room Booking plugin <= 1.2.7 - Stored Cross-Site Scripting (XSS) vulnerability
Authenticated contributor or higher user role Stored Cross-Site Scripting XSS vulnerability in Opal Hotel Room Booking plugin = 1.2.7 at WordPress...
CVE-2022-29449
The CVE-2022-29449 entry concerns the WordPress Opal Hotel Room Booking plugin up to version 1.2.7. The vulnerability is an Authenticated Stored Cross-Site Scripting (XSS) flaw in a parameter that is not properly sanitized/escaped, allowing users with contributor+ roles to inject JavaScript that ...
WordPress Opal Hotel Room Booking plugin <= 1.2.7 - Stored Cross-Site Scripting (XSS) vulnerability
Stored Cross-Site Scripting XSS vulnerability discovered by Ngo Van Thien Patchstack Alliance in WordPress Opal Hotel Room Booking plugin versions = 1.2.7. Solution Deactivate and delete. No reply from the vendor...
CVE-2014-7640
The Hotel Room aka com.wHotelRoom application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
Design/Logic Flaw
The Hotel Room aka com.wHotelRoom application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2014-7640
The CVE-2014-7640 entry concerns The Hotel Room (com.wHotelRoom) Android app version 0.1. The affected component is the app’s SSL/TLS certificate verification, which does not verify X.509 certificates from SSL servers. This omission allows man-in-the-middle attackers to impersonate legitimate ser...
CVE-2014-7640
The Hotel Room aka com.wHotelRoom application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...