Lucene search
+L

605 matches found

NVD
NVD
added 2 days ago11 views

CVE-2026-53409

Improper Privilege Management in Zoom Rooms for Windows before version 7.1.0 may allow an authenticated user to conduct an escalation of privilege via local access...

7.8CVSS0.00151EPSS
Exploits0References1
CVE
CVE
added 2 days ago10 views

CVE-2026-53409

CVE-2026-53409 affects Zoom Rooms for Windows prior to 7.1.0. Root cause: improper privilege management that may allow an authenticated user to escalate privileges via local access. CVSS v3.1 base score 7.8 (HIGH) with LOCAL attack vector, low attack complexity, requiring LOW privileges and no us...

7.8CVSS6.2AI score0.00151EPSS
Exploits0References1
Cvelist
Cvelist
added 2 days ago34 views

CVE-2026-53409

Improper Privilege Management in Zoom Rooms for Windows before version 7.1.0 may allow an authenticated user to conduct an escalation of privilege via local access...

7.8CVSS0.00151EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/05 4:0 p.m.9 views

CVE-2026-14762

A vulnerability was detected in code-projects Hotel and Tourism Reservation 1.0. The impacted element is an unknown function of the file /admin/rooms.php of the component Room Management Page. The manipulation of the argument delete results in sql injection. It is possible to launch the attack...

7.5CVSS6.8AI score0.00269EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2026/07/05 4:0 p.m.30 views

CVE-2026-14762 code-projects Hotel and Tourism Reservation Room Management rooms.php sql injection

A vulnerability was detected in code-projects Hotel and Tourism Reservation 1.0. The impacted element is an unknown function of the file /admin/rooms.php of the component Room Management Page. The manipulation of the argument delete results in sql injection. It is possible to launch the attack...

7.5CVSS0.00269EPSS
Exploits1References6
CVE
CVE
added 2026/07/05 4:0 p.m.23 views

CVE-2026-14762

Technical details about CVE-2026-14762 are not publicly available in the provided documents. Monitor for updates on affected product versions, affected component, and remediation.

7.5CVSS6.8AI score0.00269EPSS
Exploits1References6
EUVD
EUVD
added 2026/07/05 2:0 p.m.9 views

EUVD-2026-41760

A flaw has been found in code-projects Hotel and Tourism Reservation 1.0. Affected is an unknown function of the file /admin/addroom.php. Executing a manipulation of the argument deleteimage/edit/description/number/price/rooms/type can lead to sql injection. The attack can be launched remotely. T...

7.5CVSS6.8AI score0.00269EPSS
Exploits0References6
NVD
NVD
added 2026/06/19 5:16 p.m.10 views

CVE-2019-25748

Joomla JHotelReservation 6.0.7 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the rooms parameter. Attackers can send POST requests to the search-hotels endpoint with crafted SQL payloads in the...

8.8CVSS0.00296EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/19 5:1 p.m.8 views

EUVD-2019-20184

Joomla JHotelReservation 6.0.7 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the rooms parameter. Attackers can send POST requests to the search-hotels endpoint with crafted SQL payloads in the...

8.8CVSS6.3AI score0.00296EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/19 5:1 p.m.6 views

CVE-2019-25748

Joomla JHotelReservation 6.0.7 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the rooms parameter. Attackers can send POST requests to the search-hotels endpoint with crafted SQL payloads in the...

8.8CVSS6.3AI score0.00296EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2026/06/19 5:1 p.m.23 views

CVE-2019-25748

CVE-2019-25748 affects Joomla JHotelReservation 6.0.7. The issue is an SQL injection in the rooms parameter of the search-hotels endpoint, allowing unauthenticated attackers to send crafted SQL payloads via POST requests to extract sensitive data (e.g., database version details). Documented CVSS:...

8.8CVSS6.3AI score0.00296EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.16 views

PT-2026-50964

Name of the Vulnerable Software and Affected Versions JHotelReservation version 6.0.7 Description An SQL injection allows unauthenticated attackers to execute arbitrary SQL queries. This is achieved by sending POST requests to the 'search-hotels' endpoint with malicious code injected into the roo...

8.8CVSS6.2AI score0.00296EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/06/18 10:21 a.m.28 views

CVE-2026-54419 PIAF-HMS multiple unauthenticated SQL injection vulnerabilities via mysql_query

claudiopizzillo PIAF-HMS PBX-In-A-Flash Hotel Management System; no released versions, latest commit 389d2633441b65ced1c104212cd62be2bfca21e5 contains multiple unauthenticated SQL injection vulnerabilities. The application has no authentication mechanism and passes user-supplied HTTP parameters...

9.8CVSS0.00587EPSS
Exploits0References3
CVE
CVE
added 2026/06/18 10:21 a.m.31 views

CVE-2026-54419

PIAF-HMS (PBX-In-A-Flash Hotel Management System) contains multiple unauthenticated SQL injection vulnerabilities. The app has no authentication and passes user-supplied HTTP parameters directly into deprecated mysql_query() calls via string concatenation, without sanitization, escaping, or param...

9.8CVSS5.8AI score0.00587EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/07 8:58 p.m.14 views

CVE-2026-45076

Synapse is an open source Matrix homeserver implementation. Prior to 1.152.1, in federated rooms, malicious homeservers can craft room events in such a way that prevents Synapse from providing full history to paginating clients. Clients could therefore fail to display room history. This...

5.1CVSS5.4AI score0.00369EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/07 12:0 a.m.21 views

PT-2026-47199

A vulnerability was detected in SourceCodester Hospitals Patient Records Management System 1.0. This issue affects some unknown processing of the file /admin/?page=room types. Performing a manipulation of the argument room results in cross site scripting. The attack is possible to be carried out...

4.8CVSS3.9AI score0.00214EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/06/01 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-45076

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Synapse is an open source Matrix homeserver implementation. Prior to 1.152.1, in federated rooms, malicious homeservers can craft room events in such a way that...

5.1CVSS5.5AI score0.00369EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/05/29 1:20 a.m.17 views

SUSE CVE-2026-45076

Synapse is an open source Matrix homeserver implementation. Prior to 1.152.1, in federated rooms, malicious homeservers can craft room events in such a way that prevents Synapse from providing full history to paginating clients. Clients could therefore fail to display room history. This...

2.7CVSS5.8AI score0.00369EPSS
Exploits0References3
PyPA
PyPA
added 2026/05/28 5:16 p.m.9 views

PYSEC-0000-CVE-2026-45076

Synapse is an open source Matrix homeserver implementation. Prior to 1.152.1, in federated rooms, malicious homeservers can craft room events in such a way that prevents Synapse from providing full history to paginating clients. Clients could therefore fail to display room history. This...

5.1CVSS5.4AI score0.00369EPSS
Exploits0References1Affected Software1
PyPA
PyPA
added 2026/05/28 5:16 p.m.10 views

PYSEC-2026-194

Synapse is an open source Matrix homeserver implementation. Prior to 1.152.1, in federated rooms, malicious homeservers can craft room events in such a way that prevents Synapse from providing full history to paginating clients. Clients could therefore fail to display room history. This...

5.1CVSS5.4AI score0.00369EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder