Lucene search
K

65 matches found

EUVD
EUVD
added 2 days ago6 views

EUVD-2026-40061

A vulnerability was identified in itsourcecode Online Hotel Management System 1.0. This vulnerability affects unknown code of the file /admin/modroom/controller.php?action=add of the component POST Request Handler. Such manipulation of the argument Name leads to cross site scripting. The attack m...

5.3CVSS4.2AI score0.00443EPSS
Exploits0References6
EUVD
EUVD
added 2 days ago5 views

EUVD-2026-40058

A vulnerability was found in itsourcecode Online Hotel Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/modusers/controller.php?action=add. The manipulation of the argument Name results in sql injection. The attack can be launched remotely. The exploi...

7.5CVSS6.9AI score0.00412EPSS
Exploits0References6
CVE
CVE
added 2026/06/05 5:0 p.m.17 views

CVE-2026-11342

Vulnerability : In code-projects Hotel and Tourism Reservation System 1.0, the file /details.php is susceptible to SQL injection via the room parameter. Root cause : unsanitized input in the argument dispatched to an SQL query. Impact : exploitation can be performed remotely; CVSS metrics in sour...

7.5CVSS7AI score0.00263EPSS
Exploits0References6
NVD
NVD
added 2026/06/01 10:16 p.m.10 views

CVE-2026-10290

A weakness has been identified in code-projects Hotel and Tourism Reservation System 1.0. The affected element is an unknown function of the file tour.php of the component GET Parameter Handler. Executing a manipulation of the argument tour can lead to sql injection. The attack can be launched...

7.5CVSS0.00318EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/06/01 8:30 p.m.9 views

CVE-2026-10290 code-projects Hotel and Tourism Reservation System GET Parameter tour.php sql injection

A weakness has been identified in code-projects Hotel and Tourism Reservation System 1.0. The affected element is an unknown function of the file tour.php of the component GET Parameter Handler. Executing a manipulation of the argument tour can lead to sql injection. The attack can be launched...

7.5CVSS6.9AI score0.00318EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/06/01 8:15 p.m.9 views

CVE-2026-10289 code-projects Hotel and Tourism Reservation System tour.php cross site scripting

A security flaw has been discovered in code-projects Hotel and Tourism Reservation System 1.0. Impacted is an unknown function of the file /ht/tour.php. Performing a manipulation of the argument name /email /people /number results in cross site scripting. The attack can be initiated remotely. The...

5.3CVSS4.3AI score0.00338EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/05/03 1:15 p.m.7 views

CVE-2026-7697

A vulnerability was determined in AMTT Hotel Broadband Operation System 1.0. Affected is an unknown function of the file /manager/card/cardhandsubmit.php. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly...

5.8CVSS5.6AI score0.00206EPSS
Exploits0References4Affected Software1
EUVD
EUVD
added 2026/05/03 1:15 p.m.8 views

EUVD-2026-26835

A vulnerability was determined in AMTT Hotel Broadband Operation System 1.0. Affected is an unknown function of the file /manager/card/cardhandsubmit.php. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly...

5.8CVSS5.6AI score0.00206EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/04/30 10:30 p.m.2 views

CVE-2026-7506 SourceCodester Hotel Management System check sql injection

A vulnerability has been found in SourceCodester Hotel Management System 1.0. This impacts an unknown function of the file /index.php/reservation/check. Such manipulation of the argument roomtype leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the...

7.5CVSS6.9AI score0.0026EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/03/26 3:6 p.m.6 views

CVE-2026-4237

A flaw has been found in itsourcecode Free Hotel Reservation System 1.0. This vulnerability affects unknown code of the file /hotel/admin/modreports/index.php. Executing a manipulation of the argument Home can lead to sql injection. The attack may be performed from remote. The exploit has been...

7.5CVSS6.9AI score0.00254EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/26 12:23 p.m.26 views

CVE-2026-4875 itsourcecode Free Hotel Reservation System index.php unrestricted upload

A vulnerability was determined in itsourcecode Free Hotel Reservation System 1.0. The affected element is an unknown function of the file /admin/modamenities/index.php?view=add. This manipulation of the argument image causes unrestricted upload. The attack is possible to be carried out remotely...

5.8CVSS0.00223EPSS
Exploits0References5
NVD
NVD
added 2026/03/16 2:20 p.m.6 views

CVE-2026-4237

A flaw has been found in itsourcecode Free Hotel Reservation System 1.0. This vulnerability affects unknown code of the file /hotel/admin/modreports/index.php. Executing a manipulation of the argument Home can lead to sql injection. The attack may be performed from remote. The exploit has been...

7.5CVSS0.00254EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/03/16 12:2 p.m.29 views

CVE-2026-4237 itsourcecode Free Hotel Reservation System index.php sql injection

A flaw has been found in itsourcecode Free Hotel Reservation System 1.0. This vulnerability affects unknown code of the file /hotel/admin/modreports/index.php. Executing a manipulation of the argument Home can lead to sql injection. The attack may be performed from remote. The exploit has been...

7.5CVSS0.00254EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/12/18 12:0 a.m.22 views

CVE-2025-63949

A Reflected Cross-Site Scripting XSS vulnerability in yohanawi Hotel Management System commit 87e004a allows a remote attacker to execute arbitrary web script via the 'error' parameter in pages/room.php...

0.00217EPSS
Exploits1References2
CVE
CVE
added 2025/12/05 3:32 p.m.9 views

CVE-2025-14090

The CVE-2025-14090 entry concerns AMTT Hotel Broadband Operation System 1.0. A SQL injection is triggered by manipulating the ID parameter in the file /manager/card/cardmake_down.php, with remote applicability. The root cause is improper handling of the ID input leading to injection, enabling una...

7.2CVSS6.5AI score0.00283EPSS
Exploits1References4Affected Software1
EUVD
EUVD
added 2025/11/13 9:31 p.m.4 views

EUVD-2025-175364

A flaw has been found in AMTT Hotel Broadband Operation System 1.0. The impacted element is an unknown function of the file /user/portal/getfirstdate.php. Executing manipulation of the argument uid can lead to sql injection. It is possible to launch the attack remotely. The exploit has been...

6.5CVSS6.2AI score0.00296EPSS
Exploits1References5
OSV
OSV
added 2025/11/13 7:15 p.m.4 views

CVE-2025-13123

A flaw has been found in AMTT Hotel Broadband Operation System 1.0. The impacted element is an unknown function of the file /user/portal/getfirstdate.php. Executing manipulation of the argument uid can lead to sql injection. It is possible to launch the attack remotely. The exploit has been...

9.8CVSS5.7AI score
Exploits0References4
Cvelist
Cvelist
added 2025/11/13 7:2 p.m.12 views

CVE-2025-13123 AMTT Hotel Broadband Operation System get_firstdate.php sql injection

A flaw has been found in AMTT Hotel Broadband Operation System 1.0. The impacted element is an unknown function of the file /user/portal/getfirstdate.php. Executing manipulation of the argument uid can lead to sql injection. It is possible to launch the attack remotely. The exploit has been...

6.5CVSS0.00296EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/11/02 8:32 a.m.2 views

CVE-2025-12594 code-projects Simple Online Hotel Reservation System add_account.php sql injection

A security flaw has been discovered in code-projects Simple Online Hotel Reservation System 2.0. This affects an unknown function of the file /admin/addaccount.php. The manipulation of the argument Name results in sql injection. The attack may be performed from remote. The exploit has been releas...

5.8CVSS4.9AI score0.00411EPSS
Exploits1References5
OSV
OSV
added 2025/11/02 5:15 a.m.6 views

CVE-2025-12593

A vulnerability was identified in code-projects Simple Online Hotel Reservation System 2.0. The impacted element is an unknown function of the file /admin/editroom.php of the component Photo Handler. The manipulation leads to unrestricted upload. The attack is possible to be carried out remotely...

7.2CVSS5.5AI score0.00387EPSS
Exploits1References5
Rows per page
Query Builder