15 matches found
PT-2026-36211
Name of the Vulnerable Software and Affected Versions SourceCodester Hotel Management System version 1.0 Description An issue exists in the '/index.php/reservation/check' endpoint where manipulation of the room type argument allows for SQL injection, which is a technique used to interfere with th...
CVE-2025-11469 SourceCodester Hotel and Lodge Management System save_customer.php sql injection
A weakness has been identified in SourceCodester Hotel and Lodge Management System 1.0. The affected element is an unknown function of the file /pages/savecustomer.php. Executing manipulation of the argument Contact can lead to sql injection. The attack can be executed remotely. The exploit has...
CVE-2025-11405
CVE-2025-11405 affects SourceCodester Hotel and Lodge Management System 1.0, with the vulnerability in the file /del_tax.php . The issue arises from manipulation of the parameter ID , leading to an SQL injection. The attack is remote and the exploit is publicly available . Documents indicate a co...
EUVD-2022-34895
Malicious code in bioql PyPI...
EUVD-2022-34565
Malicious code in bioql PyPI...
CVE-2022-2292
A vulnerability classified as problematic has been found in SourceCodester Hotel Management System 2.0. Affected is an unknown function of the file /cihms/massageroom/edit/1 of the component Room Edit Page. The manipulation of the argument massageroomDetails with the input " leads to cross site...
CVE-2022-2648
A vulnerability was found in SourceCodester Multi Language Hotel Management Software. It has been rated as critical. This issue affects some unknown processing. The manipulation of the argument roomid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to...
CVE-2022-2291
A vulnerability was found in SourceCodester Hotel Management System 2.0. It has been rated as problematic. This issue affects some unknown processing of the file /cihms/search of the component Search. The manipulation of the argument search with the input "alert"XSS" leads to cross site scripting...
CVE-2022-2292
A vulnerability classified as problematic has been found in SourceCodester Hotel Management System 2.0. Affected is an unknown function of the file /cihms/massageroom/edit/1 of the component Room Edit Page. The manipulation of the argument massageroomDetails with the input "alert"XSS" leads to...
CVE-2022-2292 SourceCodester Hotel Management System Room Edit Page 1 cross site scripting
A vulnerability classified as problematic has been found in SourceCodester Hotel Management System 2.0. Affected is an unknown function of the file /cihms/massageroom/edit/1 of the component Room Edit Page. The manipulation of the argument massageroomDetails with the input "alert"XSS" leads to...
CVE-2022-2292 SourceCodester Hotel Management System Room Edit Page 1 cross site scripting
A vulnerability classified as problematic has been found in SourceCodester Hotel Management System 2.0. Affected is an unknown function of the file /cihms/massageroom/edit/1 of the component Room Edit Page. The manipulation of the argument massageroomDetails with the input "alert"XSS" leads to...
CVE-2022-2292
CVE-2022-2292 pertains to SourceCodester Hotel Management System 2.0. The vulnerability affects the Room Edit Page, specifically /ci_hms/massage_room/edit/1, where manipulating the argument massageroomDetails with input like > triggers cross-site scripting. The issue is exploitable remotely an...
CVE-2022-2291 SourceCodester Hotel Management System Search search cross site scripting
A vulnerability was found in SourceCodester Hotel Management System 2.0. It has been rated as problematic. This issue affects some unknown processing of the file /cihms/search of the component Search. The manipulation of the argument search with the input "alert"XSS" leads to cross site scripting...
CVE-2022-2291 SourceCodester Hotel Management System Search search cross site scripting
A vulnerability was found in SourceCodester Hotel Management System 2.0. It has been rated as problematic. This issue affects some unknown processing of the file /cihms/search of the component Search. The manipulation of the argument search with the input "alert"XSS" leads to cross site scripting...
Sql injection
Sourcecodester Hotel and Lodge Management System 2.0 is vulnerable to unauthenticated SQL injection and can allow remote attackers to execute arbitrary SQL commands via the email parameter to the edit page for Customer, Room, Currency, Room Booking Details, or Tax Details...