CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

259 matches found

EUVD-2026-33819

A weakness has been identified in code-projects Hotel and Tourism Reservation System 1.0. The affected element is an unknown function of the file tour.php of the component GET Parameter Handler. Executing a manipulation of the argument tour can lead to sql injection. The attack can be launched...

7.5CVSS5.7AI score0.00033EPSS

Exploits0References7

NVD•added 5 days ago•10 views

CVE-2026-10289

A security flaw has been discovered in code-projects Hotel and Tourism Reservation System 1.0. Impacted is an unknown function of the file /ht/tour.php. Performing a manipulation of the argument name /email /people /number results in cross site scripting. The attack can be initiated remotely. The...

5.3CVSS0.00036EPSS

Exploits0References6

Cvelist•added 5 days ago•24 views

CVE-2026-10290 code-projects Hotel and Tourism Reservation System GET Parameter tour.php sql injection

7.5CVSS0.00033EPSS

Exploits0References6

CVE•added 5 days ago•12 views

CVE-2026-10290

The vulnerability CVE-2026-10290 affects code-projects Hotel and Tourism Reservation System 1.0, specifically the GET Parameter Handler’s tour.php. The issue arises from an unspecified function allowing manipulation of the tour argument, leading to SQL injection. Remote exploitation is possible a...

7.5CVSS5.7AI score0.00033EPSS

Exploits0References6

ATTACKERKB•added 5 days ago•7 views

CVE-2026-10289

5.3CVSS4.3AI score0.00036EPSS

Exploits0References6Affected Software1

EUVD•added 5 days ago•11 views

EUVD-2026-33763

5.3CVSS4.3AI score0.00036EPSS

Exploits0References6

EUVD•added 5 days ago•7 views

EUVD-2026-33762

A vulnerability was identified in code-projects Hotel and Tourism Reservation System 1.0. This issue affects the function passwordverify of the file /admin/login.php of the component Admin Login. Such manipulation of the argument Password leads to improper authentication. It is possible to launch...

7.5CVSS5.6AI score0.00098EPSS

Exploits0References6

Positive Technologies•added 5 days ago•12 views

PT-2026-45554

5.3CVSS4.3AI score0.00036EPSS

Exploits0References6

RedhatCVE•added 2026/03/09 7:54 p.m.•1 views

CVE-2026-3746

A vulnerability was determined in SourceCodester Simple Responsive Tourism Website 1.0. Affected by this vulnerability is an unknown functionality of the file /tourism/classes/Login.php?f=login of the component Login. This manipulation of the argument Username causes sql injection. The attack may...

9.8CVSS5.7AI score0.00076EPSS

Exploits1References1

EUVD•added 2026/03/08 6:30 p.m.•2 views

EUVD-2026-10249

7.5CVSS6.9AI score0.00076EPSS

Exploits1References7

NVD•added 2026/03/08 4:16 p.m.•1 views

CVE-2026-3746

9.8CVSS0.00076EPSS

Exploits1References6

OSV•added 2026/03/08 4:16 p.m.•2 views

CVE-2026-3746

9.8CVSS5.7AI score

Exploits0References6

Vulnrichment•added 2026/03/08 3:32 p.m.•1 views

CVE-2026-3746 SourceCodester Simple Responsive Tourism Website Login Login.php sql injection

7.5CVSS5.7AI score0.00076EPSS

Exploits1References6

ATTACKERKB•added 2026/03/08 3:32 p.m.•1 views

CVE-2026-3746

7.5CVSS5.7AI score0.00076EPSS

Exploits1References6Affected Software1

Cvelist•added 2026/03/08 3:32 p.m.•32 views

CVE-2026-3746 SourceCodester Simple Responsive Tourism Website Login Login.php sql injection

7.5CVSS0.00076EPSS

Exploits1References6

CVE•added 2026/03/08 3:32 p.m.•5 views

CVE-2026-3746

Consolidated details across multiple sources identify CVE-2026-3746 as a SQL injection in SourceCodester Simple Responsive Tourism Website 1.0, affecting the Login component’s file /tourism/classes/Login.php?f=login. The bug arises from manipulating the Username argument, enabling remote exploita...

9.8CVSS6.9AI score0.00076EPSS

Exploits1References6Affected Software1

CNNVD•added 2026/03/08 12:0 a.m.•4 views

SourceCodester Simple Responsive Tourism Website SQL注入漏洞

SourceCodester Simple Responsive Tourism Website is an open-source tourism website developed by SourceCodester. Version 1.0 of SourceCodester Simple Responsive Tourism Website has a SQL injection vulnerability. This vulnerability stems from the handling of the Username parameter in the Login.php...

9.8CVSS7.2AI score0.00076EPSS

Exploits1References7

GithubExploit•added 2026/02/21 3:58 p.m.•148 views

Exploit for SQL Injection in Oretnom23 Simple_Responsive_Tourism_Website

file /classes/Master.php?f=register of the SQL Injection CVE-...

9.8CVSS5.8AI score0.00045EPSS

Exploits2

NVD•added 2026/02/20 5:25 p.m.•3 views

CVE-2026-2848

A flaw has been found in SourceCodester Simple Responsive Tourism Website 1.0. Affected by this vulnerability is an unknown functionality of the file /classes/Master.php?f=register of the component Registration. This manipulation of the argument Username causes sql injection. The attack may be...

9.8CVSS0.00045EPSS

Exploits2References5

OSV•added 2026/02/20 5:25 p.m.•2 views

CVE-2026-2848

9.8CVSS5.7AI score0.00045EPSS

Exploits2References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by