CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

7.5CVSS5.7AI score0.00033EPSS

CVE-2026-10290

CVE•added 5 days ago•12 views

CVE-2026-10290

The vulnerability CVE-2026-10290 affects code-projects Hotel and Tourism Reservation System 1.0, specifically the GET Parameter Handler’s tour.php. The issue arises from an unspecified function allowing manipulation of the tour argument, leading to SQL injection. Remote exploitation is possible a...

7.5CVSS5.7AI score0.00033EPSS

CVE•added 5 days ago•8 views

CVE-2026-10289

The CVE concerns code-projects Hotel and Tourism Reservation System 1.0. Affected is an unknown function in the file /ht/tour.php where manipulating the arguments /email, /people, or /number leads to cross-site scripting. The attack is remote, and the exploit has been released publicly. No remedi...

5.3CVSS4.3AI score0.00036EPSS

Cvelist•added 5 days ago•23 views

CVE-2026-10289 code-projects Hotel and Tourism Reservation System tour.php cross site scripting

A security flaw has been discovered in code-projects Hotel and Tourism Reservation System 1.0. Impacted is an unknown function of the file /ht/tour.php. Performing a manipulation of the argument name /email /people /number results in cross site scripting. The attack can be initiated remotely. The...

5.3CVSS0.00036EPSS

5.3CVSS4.3AI score0.00036EPSS

CVE-2026-10289

Vulnrichment•added 5 days ago•7 views

CVE-2026-10289 code-projects Hotel and Tourism Reservation System tour.php cross site scripting

5.3CVSS4.3AI score0.00036EPSS

EUVD•added 5 days ago•7 views

EUVD-2026-33762

A vulnerability was identified in code-projects Hotel and Tourism Reservation System 1.0. This issue affects the function passwordverify of the file /admin/login.php of the component Admin Login. Such manipulation of the argument Password leads to improper authentication. It is possible to launch...

7.5CVSS5.6AI score0.00098EPSS

7.5CVSS5.6AI score0.00098EPSS

CVE-2026-10288

Vulnrichment•added 5 days ago•6 views

CVE-2026-10288 code-projects Hotel and Tourism Reservation System Admin Login login.php password_verify improper authentication

7.5CVSS6.9AI score0.00098EPSS

CVE•added 5 days ago•15 views

CVE-2026-10288

The vulnerability affects code-projects Hotel and Tourism Reservation System 1.0 (Admin Login component). The issue lies in the function password_verify in /admin/login.php, where manipulation of the Password argument leads to improper authentication. It is exploitable remotely, and a publicly av...

7.5CVSS5.6AI score0.00098EPSS

6.5CVSS5.6AI score0.00033EPSS

CVE-2026-10286

A vulnerability was found in CodeAstro Payroll System 1.0. This affects an unknown part of the file /homeemployee.php. The manipulation of the argument empid results in sql injection. The attack may be performed from remote. The exploit has been made public and could be used...

CVE•added 5 days ago•10 views

CVE-2026-10286

CodeAstro Payroll System 1.0 is affected by a SQL injection in /home_employee.php via the emp_id parameter. The vulnerability can be exploited remotely, and public exploit code exists. The NVD/CNA metrics indicate a Medium severity (CVSS 4.0/3.1/2.0 variants). No remediation details are provided ...

6.5CVSS5.6AI score0.00033EPSS

EUVD•added 5 days ago•7 views

EUVD-2026-33756

6.5CVSS5.6AI score0.00033EPSS