429 matches found
CVE-2026-14763 code-projects Hotel and Tourism Reservation Tour Reservations tour_reserves.php sql injection
A flaw has been found in code-projects Hotel and Tourism Reservation 1.0. This affects an unknown function of the file /admin/tourreserves.php of the component Tour Reservations Page. This manipulation of the argument tour causes sql injection. The attack can be initiated remotely. The exploit ha...
CVE-2026-14763
A flaw has been found in code-projects Hotel and Tourism Reservation 1.0. This affects an unknown function of the file /admin/tourreserves.php of the component Tour Reservations Page. This manipulation of the argument tour causes sql injection. The attack can be initiated remotely. The exploit ha...
CVE-2026-14755
A vulnerability has been found in code-projects Hotel and Tourism Reservation 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/reservations.php of the component Reservations Management Page. The manipulation of the argument delete leads to sql injection. The atta...
EUVD-2026-41761
A vulnerability has been found in code-projects Hotel and Tourism Reservation 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/reservations.php of the component Reservations Management Page. The manipulation of the argument delete leads to sql injection. The atta...
CVE-2026-14755
The CVE concerns code-projects Hotel and Tourism Reservation 1.0. The vulnerability exists in the Reservations Management Page (/admin/reservations.php), where manipulating the delete parameter causes SQL injection. Likely exploitable remotely with no authentication required, as indicated by CVSS...
CVE-2026-14755 code-projects Hotel and Tourism Reservation Reservations Management reservations.php sql injection
A vulnerability has been found in code-projects Hotel and Tourism Reservation 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/reservations.php of the component Reservations Management Page. The manipulation of the argument delete leads to sql injection. The atta...
CVE-2026-9180
The MotoPress Appointment Booking plugin for WordPress is vulnerable to Authorization Bypass Through User-Controlled Key in all versions up to, and including, 2.4.4. This is due to the POST /motopress/appointment/v1/bookings REST endpoint being registered with 'permissioncallback' = 'returntrue',...
EUVD-2026-41492
The MotoPress Appointment Booking plugin for WordPress is vulnerable to Authorization Bypass Through User-Controlled Key in all versions up to, and including, 2.4.4. This is due to the POST /motopress/appointment/v1/bookings REST endpoint being registered with 'permissioncallback' = 'returntrue',...
WhatsApp is Finally Getting Usernames to Help Keep Phone Numbers Private
WhatsApp on Monday officially announced the start of global reservations of usernames with an aim to protect the privacy of more than three billion users on the messaging platform. The optional feature is designed to help users connect with someone on the service through usernames, as opposed to...
Linux Distros Unpatched Vulnerability : CVE-2026-53154
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm/hugetlb: restore reservation on error in hugetlb folio copy paths Two sites in mm/hugetlb.c allocate a hugetlb folio via allochugetlbfolio consuming a VMA...
CVE-2026-54830
Unauthenticated Broken Access Control in Five Star Restaurant Reservations = 2.7.19 versions...
CVE-2026-54830 WordPress Five Star Restaurant Reservations plugin <= 2.7.19 - Broken Access Control vulnerability
Unauthenticated Broken Access Control in Five Star Restaurant Reservations = 2.7.19 versions...
CVE-2026-54830
Unauthenticated Broken Access Control in Five Star Restaurant Reservations = 2.7.19 versions...
EUVD-2026-39367
Unauthenticated Broken Access Control in Five Star Restaurant Reservations = 2.7.19 versions...
PT-2026-52415
Name of the Vulnerable Software and Affected Versions Five Star Restaurant Reservations versions prior to 2.7.20 Description An unauthenticated broken access control issue exists, allowing unauthorized users to bypass security restrictions and access restricted areas or functions of the...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: ext4: Fix for the double decrement of the dirty clusters count during shutdown. The fstests test for generic/388 occasionally produces a warning in ext4putsuper, associated with the count of dirty clusters: WARNING: CPU: 7; PID:...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: btrfs: Skipping the “reserved bytes” warning after unmounting after a log cleanup failure. After the recent changes made by commit c2e39305299f01 “btrfs: clearing the extent buffer when writing fails” and its follow-up fix,...
WordPress Five Star Restaurant Reservations plugin <= 2.7.19 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Vincent Sevkli in WordPress Plugin Five Star Restaurant Reservations versions = 2.7.19...
CVE-2026-42670
Missing Authorization vulnerability in Etoile Web Design Incorporated Five Star Restaurant Reservations allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Five Star Restaurant Reservations: from n/a through 2.7.14...
CVE-2026-42670
Missing Authorization vulnerability in Etoile Web Design Incorporated Five Star Restaurant Reservations allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Five Star Restaurant Reservations: from n/a through 2.7.14...