CVE-2025-65132

alandsilva26 hotel-management-php 1.0 is vulnerable to Cross Site Scripting XSS in /public/admin/editroom.php which allows an attacker to inject and execute arbitrary JavaScript via the roomid GET parameter...

PT-2026-32656

alandsilva26 hotel-management-php 1.0 is vulnerable to Cross Site Scripting XSS in /public/admin/edit room.php which allows an attacker to inject and execute arbitrary JavaScript via the room id GET parameter...

CVE-2025-65132

alandsilva26 hotel-management-php 1.0 is vulnerable to Cross Site Scripting XSS in /public/admin/editroom.php which allows an attacker to inject and execute arbitrary JavaScript via the roomid GET parameter...

EUVD-2025-202954

The Contact Form 7 with ChatWork plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'apitoken' and 'roomid' settings in all versions up to, and including, 1.1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...

CVE-2025-13975

CVE-2025-13975: The Contact Form 7 with ChatWork plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the api_token and roomid settings in all versions up to 1.1.0. The issue requires authenticated admin access and affects multisite installs and sites where unfiltered_html is dis...

CVE-2025-13975 Contact Form 7 with ChatWork <= 1.1.0 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'api_token' and 'roomid' Settings

The Contact Form 7 with ChatWork plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'apitoken' and 'roomid' settings in all versions up to, and including, 1.1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...

Simple Online Hotel Reservation System add_query_reserve.php File SQL Injection Vulnerability

Simple Online Hotel Reservation System is a simple online hotel reservation system. Simple Online Hotel Reservation System suffers from a SQL injection vulnerability that stems from the /addqueryreserve.php file failing to effectively filter the roomid parameter. No details of the vulnerability a...

CVE-2025-13169

A security vulnerability has been detected in code-projects Simple Online Hotel Reservation System 1.0. This vulnerability affects unknown code of the file /addqueryreserve.php. Such manipulation of the argument roomid leads to sql injection. The attack can be executed remotely. The exploit has...

EUVD-2025-197615

A security vulnerability has been detected in code-projects Simple Online Hotel Reservation System 1.0. This vulnerability affects unknown code of the file /addqueryreserve.php. Such manipulation of the argument roomid leads to sql injection. The attack can be executed remotely. The exploit has...

CVE-2025-13169

CVE-2025-13169 affects the Simple Online Hotel Reservation System 1.0. The vulnerability is an SQL injection in the file /add_query_reserve.php caused by unsafely handling the room_id parameter, allowing remote exploitation. Public disclosures exist, and multiple sources (CNVD, RH, CNNVD, NVD, CV...

PT-2025-46963

Name of the Vulnerable Software and Affected Versions Simple Online Hotel Reservation System version 1.0 Description A security issue exists in Simple Online Hotel Reservation System version 1.0. The issue involves SQL injection within the /add query reserve.php file. Manipulation of the room id...

Linux Distros Unpatched Vulnerability : CVE-2020-26257

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Matrix is an ecosystem for open federated Instant Messaging and VoIP. Synapse is a reference homeserver implementation of Matrix. A malicious or...

CampCodes Online Hotel Reservation System 注入漏洞

CampCodes Online Hotel Reservation System is an online hotel reservation system from CampCodes Philippines. An injection vulnerability exists in Campcodes Online Hotel Reservation System version 1.0, which originates from a SQL injection due to incorrect manipulation of the parameter roomid in th...

CampCodes Online Hotel Reservation System 注入漏洞

CampCodes Online Hotel Reservation System is an online hotel reservation system from CampCodes Philippines. An injection vulnerability exists in Campcodes Online Hotel Reservation System version 1.0, which originates from a SQL injection due to incorrect manipulation of the parameter roomid in th...

CVE-2025-6448

A vulnerability has been found in code-projects Simple Online Hotel Reservation System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/deleteroom.php. The manipulation of the argument roomid leads to sql injection. The attack can be...

CVE-2025-27565

An unauthenticated attacker can delete any user's "rooms" by knowing the user's and room IDs...

PT-2025-16485

Name of the Vulnerable Software and Affected Versions The product name cannot be determined. Description An unauthenticated attacker can delete any user's "rooms" by knowing the user's and room IDs. Recommendations At the moment, there is no information about a newer version that contains a fix f...

CVE-2024-2527

A vulnerability was found in MAGESH-K21 Online-College-Event-Hall-Reservation-System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/rooms.php. The manipulation of the argument roomid leads to sql injection. The attack may be launched...

CVE-2024-2522

A vulnerability classified as critical has been found in MAGESH-K21 Online-College-Event-Hall-Reservation-System 1.0. This affects an unknown part of the file /admin/booktime.php. The manipulation of the argument roomid leads to sql injection. It is possible to initiate the attack remotely. The...

CVE-2024-2520

A vulnerability was found in MAGESH-K21 Online-College-Event-Hall-Reservation-System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/bookdate.php. The manipulation of the argument roomid leads to sql injection. The attack can be...