CVE-2025-15127

A security vulnerability has been detected in FantasticLBP HotelsServer up to 67b44df162fab26df209bd5d5d542875fcbec1d0. Affected by this issue is some unknown functionality of the file /controller/api/Room.php. Such manipulation of the argument hotelId leads to sql injection. The attack may be...

PT-2025-53642

Name of the Vulnerable Software and Affected Versions FantasticLBP Hotels Server affected versions not specified Description A security issue exists in FantasticLBP Hotels Server related to the /controller/api/Room.php file. Manipulation of the hotelId argument can lead to SQL injection. This...

Hotels_Server SQL注入漏洞

HotelsServer is a backend management system for hotel reservation system by FantasticLBP individual developer. HotelsServer suffers from a SQL injection vulnerability, which stems from the incorrect manipulation of the parameter hotelId in the file /controller/api/Room.php, which could lead to a...

CVE-2024-42768

A Cross-Site Request Forgery CSRF vulnerability was found in Kashipara Hotel Management System v1.0 via /admin/deleteroom.php...

PT-2024-30145 · Unknown · Kashipara Hotel Management System

Name of the Vulnerable Software and Affected Versions: Kashipara Hotel Management System version 1.0 Description: An Incorrect Access Control issue was found in the /admin/delete room.php endpoint, allowing an unauthenticated attacker to delete valid hotel room entries in the administrator sectio...

CVE-2022-32347

Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/classes/Master.php?f=deleteroom...