Lucene search
K

12 matches found

EUVD
EUVD
added 5 days ago5 views

EUVD-2026-40059

A vulnerability was determined in itsourcecode Online Hotel Management System 1.0. This affects an unknown part of the file /admin/modusers/controller.php?action=edit of the component POST Request Handler. This manipulation of the argument Name causes cross site scripting. The attack may be...

5.3CVSS4.4AI score0.00443EPSS
Exploits0References6
EUVD
EUVD
added 5 days ago5 views

EUVD-2026-40058

A vulnerability was found in itsourcecode Online Hotel Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/modusers/controller.php?action=add. The manipulation of the argument Name results in sql injection. The attack can be launched remotely. The exploi...

7.5CVSS6.9AI score0.00412EPSS
Exploits0References6
Cvelist
Cvelist
added 5 days ago32 views

CVE-2026-13555 itsourcecode Online Hotel Management System controller.php add sql injection

A vulnerability was found in itsourcecode Online Hotel Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/modusers/controller.php?action=add. The manipulation of the argument Name results in sql injection. The attack can be launched remotely. The exploi...

7.5CVSS0.00412EPSS
Exploits0References6
CNVD
CNVD
added 2025/09/29 12:0 a.m.3 views

Hostel Management System mod_users/index.php File SQL Injection Vulnerability

Hostel Management System is a hostel management system. Hostel Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in parameter ID in file /justines/admin/modusers/index.php. An attacker can exploit this...

9.8CVSS8.3AI score0.00387EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/09/27 9:32 p.m.7 views

CVE-2025-11040

A vulnerability was detected in code-projects Hostel Management System 1.0. Affected by this issue is some unknown functionality of the file /justines/admin/modusers/index.php?view=view. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit...

7.5CVSS7AI score0.00387EPSS
Exploits1References1
OSV
OSV
added 2025/09/26 8:15 p.m.6 views

CVE-2025-11040

A vulnerability was detected in code-projects Hostel Management System 1.0. Affected by this issue is some unknown functionality of the file /justines/admin/modusers/index.php?view=view. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit...

9.8CVSS5.8AI score0.00387EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/09/26 8:2 p.m.9 views

CVE-2025-11040 code-projects Hostel Management System index.php sql injection

A vulnerability was detected in code-projects Hostel Management System 1.0. Affected by this issue is some unknown functionality of the file /justines/admin/modusers/index.php?view=view. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit...

7.5CVSS6.8AI score0.00387EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2024/08/06 12:0 a.m.4 views

PT-2024-25596 · Paypal · Paypal

Name of the Vulnerable Software and Affected Versions: PayPal, Credit Card and Debit Card Payment version 1.0 Description: The issue allows an attacker to exploit a SQL injection vulnerability by sending a specially crafted query to the server, potentially retrieving all stored information throug...

9.8CVSS7.3AI score0.00454EPSS
Exploits0References4
OSV
OSV
added 2024/04/05 8:15 p.m.4 views

CVE-2024-3354

A vulnerability was found in SourceCodester Aplaya Beach Resort Online Reservation System 1.0. It has been classified as critical. Affected is an unknown function of the file admin/modusers/index.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack...

9.8CVSS5.7AI score0.00897EPSS
Exploits1References4
OSV
OSV
added 2022/12/01 1:15 p.m.7 views

CVE-2022-30528

SQL Injection vulnerability in asith-eranga ISIC tour booking through version published on Feb 13th 2018, allows attackers to execute arbitrary commands via the username parameter to /system/user/modules/modusers/controller.php...

9.8CVSS6.1AI score0.01159EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2022/12/01 12:0 a.m.4 views

PT-2022-20159 · Unknown · Asith-Eranga Isic Tour Booking

Name of the Vulnerable Software and Affected Versions: asith-eranga ISIC tour booking versions prior to the version published after Feb 13th 2018 Description: The issue allows attackers to execute arbitrary commands via the username parameter to "/system/user/modules/mod users/controller.php". Th...

9.8CVSS7.5AI score0.01159EPSS
Exploits1References6
OSV
OSV
added 2019/06/18 4:15 p.m.4 views

CVE-2018-18802

The Tubigan "Welcome to our Resort" 1.0 software allows CSRF via admin/modusers/controller.php?action=edit...

8.8CVSS5.8AI score0.00877EPSS
Exploits1References2
Rows per page
Query Builder