13 matches found
EUVD-2025-30409
Malicious code in bioql PyPI...
CVE-2025-11055
A vulnerability was detected in SourceCodester Online Hotel Reservation System 1.0. Affected is an unknown function of the file /admin/updateaddress.php. The manipulation of the argument address results in sql injection. The attack may be launched remotely. The exploit is now public and may be us...
CVE-2025-10788
A vulnerability was determined in SourceCodester Online Hotel Reservation System 1.0. The affected element is an unknown function of the file deleteroominventory.php. Executing manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploit has been...
CVE-2025-10789 SourceCodester Online Hotel Reservation System deleteslide.php sql injection
A vulnerability was identified in SourceCodester Online Hotel Reservation System 1.0. The impacted element is an unknown function of the file deleteslide.php. The manipulation of the argument ID leads to sql injection. Remote exploitation of the attack is possible. The exploit is publicly availab...
SourceCodester Online Hotel Reservation System 安全漏洞
SourceCodester Online Hotel Reservation System is a SourceCodester open source online hotel system. A security vulnerability exists in SourceCodester Online Hotel Reservation System version 1.0, which is caused by a SQL injection due to incorrect manipulation of the parameter userid in the file...
CVE-2025-6355
A vulnerability has been found in SourceCodester Online Hotel Reservation System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/execeditroom.php. The manipulation of the argument userid leads to sql injection. The attack can be initiated remotely. The...
CVE-2024-10413
A vulnerability, which was classified as critical, has been found in SourceCodester Online Hotel Reservation System 1.0. Affected by this issue is the function upload of the file /guest/update.php. The manipulation of the argument image leads to unrestricted upload. The attack may be launched...
CVE-2024-10413 SourceCodester Online Hotel Reservation System update.php upload unrestricted upload
A vulnerability, which was classified as critical, has been found in SourceCodester Online Hotel Reservation System 1.0. Affected by this issue is the function upload of the file /guest/update.php. The manipulation of the argument image leads to unrestricted upload. The attack may be launched...
CVE-2024-10413
CVE-2024-10413 affects SourceCodester Online Hotel Reservation System v1.0, specifically the upload function in /guest/update.php where manipulating the image parameter leads to unrestricted file uploads. The issue can be exploited remotely and exploits have been disclosed publicly. Connected sou...
CVE-2024-10411
A vulnerability was found in SourceCodester Online Hotel Reservation System 1.0. It has been classified as critical. Affected is the function doCancelRoom/doCancel/doConfirm/doCancel/doCheckin/doCheckout of the file /marimar/admin/modroom/controller.php. The manipulation of the argument id leads ...
CVE-2024-10411 SourceCodester Online Hotel Reservation System controller.php doCheckout sql injection
A vulnerability was found in SourceCodester Online Hotel Reservation System 1.0. It has been classified as critical. Affected is the function doCancelRoom/doCancel/doConfirm/doCancel/doCheckin/doCheckout of the file /marimar/admin/modroom/controller.php. The manipulation of the argument id leads ...
CVE-2024-10411
CVE-2024-10411 affects SourceCodester Online Hotel Reservation System 1.0. The vulnerability resides in the admin side, in functions doCancelRoom/doCancel/doConfirm/doCancel/doCheckin/doCheckout of /marimar/admin/mod_room/controller.php, where the id parameter is used in SQL queries, enabling a r...
CVE-2024-10410 SourceCodester Online Hotel Reservation System controller.php upload unrestricted upload
A vulnerability classified as critical was found in SourceCodester Online Hotel Reservation System 1.0. Affected by this vulnerability is the function upload of the file /admin/modroom/controller.php?action=add. The manipulation of the argument image leads to unrestricted upload. The attack can b...