Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

EUVD
EUVDadded 2026/05/19 4:43 a.m.6 views

EUVD-2026-30835

The /api/v1/autotranslate.translateMessage endpoint in versions 8.5.0, 8.4.2, 8.3.4, 8.2.4, 8.1.5, 8.0.6, 7.13.8, and 7.10.12 allows any authenticated user to retrieve the full content of any message from any room private groups, direct messages, channels by simply providing the target message ID...

5.3CVSS6.1AI score0.00028EPSS
Exploits0References1
NVD
NVDadded 2026/04/14 4:16 p.m.2 views

CVE-2025-65132

alandsilva26 hotel-management-php 1.0 is vulnerable to Cross Site Scripting XSS in /public/admin/editroom.php which allows an attacker to inject and execute arbitrary JavaScript via the roomid GET parameter...

6.1CVSS0.00034EPSS
Exploits1References1
CVE
CVEadded 2026/04/14 12:0 a.m.5 views

CVE-2025-65132

The CVE-2025-65132 entry corresponds to a reflected Cross-Site Scripting (XSS) vulnerability in alandsilva26/hotel-management-php 1.0. The affected component is the admin-facing edit_room.php, where an attacker can inject and execute arbitrary JavaScript through the room_id GET parameter. This is...

6.1CVSS6AI score0.00034EPSS
Exploits1References1
Positive Technologies
Positive Technologiesadded 2025/12/12 12:0 a.m.4 views

PT-2025-50840

The Contact Form 7 with ChatWork plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'api token' and 'roomid' settings in all versions up to, and including, 1.1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...

4.4CVSS5AI score0.00026EPSS
Exploits0References5
OSV
OSVadded 2025/07/31 12:15 p.m.2 views

CVE-2025-8381

A vulnerability, which was classified as critical, has been found in Campcodes Online Hotel Reservation System 1.0. This issue affects some unknown processing of the file /addreserve.php. The manipulation of the argument roomid leads to sql injection. The attack may be initiated remotely. The...

8.8CVSS5.8AI score0.00205EPSS
Exploits1References5
CNNVD
CNNVDadded 2025/06/22 12:0 a.m.3 views

Code-Projects Simple Online Hotel Reservation System 注入漏洞

Simple Online Hotel Reservation System is a simple online hotel reservation system. Simple Online Hotel Reservation System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally entered SQL statement in the parameter roomid in the file...

9.8CVSS8.2AI score0.00204EPSS
Exploits1References6
OSV
OSVadded 2025/04/15 10:15 p.m.1 views

CVE-2025-27565

An unauthenticated attacker can delete any user's "rooms" by knowing the user's and room IDs...

5.3CVSS5.8AI score0.00897EPSS
Exploits0References1
CNNVD
CNNVDadded 2024/03/16 12:0 a.m.2 views

Online-College-Event-Hall-Reservation-System Security Vulnerability

Online-College-Event-Hall-Reservation-System is an online college event hall reservation system by Magesh K individual developer. Designed to automate the hall booking process to eliminate manual logging and increase efficiency. A security vulnerability exists in...

9.8CVSS7.9AI score0.00056EPSS
Exploits0References4
SUSE CVE
SUSE CVEadded 2023/02/15 3:38 a.m.1 views

SUSE CVE-2021-39164

Matrix is an ecosystem for open federated Instant Messaging and Voice over IP. In versions 1.41.0 and prior, unauthorised users can access the membership list of members, with their display names of a room if they know the ID of the room. The vulnerability is limited to rooms with shared history...

3.1CVSS5.4AI score0.00271EPSS
Exploits0References3
Rows per page
Query Builder