Lucene search
K

5 matches found

CVE
CVE
added 2025/04/15 9:23 p.m.54 views

CVE-2025-27565

CVE-2025-27565 affects the Growatt Cloud Applications/Cloud portal. Multiple connected sources confirm an unauthenticated attacker can delete any user’s legitimate data by knowing the user ID and the target room ID, implying an authorization failure in manipulating user-controlled room resources....

6.9CVSS5.4AI score0.00238EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/04/15 9:23 p.m.7 views

CVE-2025-27565 Growatt Cloud portal Authorization Bypass Through User-Controlled Key

An unauthenticated attacker can delete any user's "rooms" by knowing the user's and room IDs...

6.9CVSS5.7AI score0.00238EPSS
Exploits0References1
CNVD
CNVD
added 2024/08/29 12:0 a.m.6 views

Kashipara Hotel Management System Access Control Error Vulnerability (CNVD-2024-37410)

Kashipara Hotel Management System is a hotel management system from Kashipara. An access control error vulnerability exists in Kashipara Hotel Management System v1.0, which can be exploited by an unauthenticated attacker to delete valid hotel room entries in the administrator section...

7.5CVSS6.8AI score0.00412EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/08/22 12:0 a.m.12 views

CVE-2024-42768

A Cross-Site Request Forgery CSRF vulnerability was found in Kashipara Hotel Management System v1.0 via /admin/deleteroom.php...

7.3AI score0.00173EPSS
Exploits1References2
Cvelist
Cvelist
added 2010/03/05 6:0 p.m.22 views

CVE-2009-4670

admin/delitem.php in RoomPHPlanning 1.6 does not require authentication, which allows remote attackers to 1 delete arbitrary users via the user parameter or 2 delete arbitrary rooms via the room parameter...

6.8AI score0.02271EPSS
Exploits0References2
Rows per page
Query Builder