19 matches found
EUVD-2022-50804
Malicious code in bioql PyPI...
EUVD-2022-38972
Malicious code in bioql PyPI...
CVE-2022-48090
Tramyardg hotel-mgmt-system version 2022.4 is vulnerable to SQL Injection via /app/dao/CustomerDAO.php...
CVE-2022-36254
Multiple persistent cross-site scripting XSS vulnerabilities in index.php in tramyardg Hotel Management System 1.0 allow remote attackers to inject arbitrary web script or HTML via multiple parameters such as "fullname"...
CVE-2022-27475
Cross site scripting XSS vulnerability in tramyardg hotel-mgmt-system, allows attackers to execute arbitrary code when when /admin.php is loaded...
CVE-2022-48091
Tramyardg hotel-mgmt-system version 2022.4 is vulnerable to Cross Site Scripting XSS via processupdateprofile.php...
CVE-2022-48091
Tramyardg hotel-mgmt-system version 2022.4 is vulnerable to Cross Site Scripting XSS via processupdateprofile.php...
CVE-2022-48090
Tramyardg hotel-mgmt-system version 2022.4 is vulnerable to SQL Injection via /app/dao/CustomerDAO.php...
Cross site scripting
Tramyardg hotel-mgmt-system version 2022.4 is vulnerable to Cross Site Scripting XSS via processupdateprofile.php...
CVE-2022-48090
Tramyardg hotel-mgmt-system version 2022.4 is vulnerable to SQL Injection via /app/dao/CustomerDAO.php...
CVE-2022-48091
Tramyardg hotel-mgmt-system version 2022.4 is vulnerable to Cross Site Scripting XSS via processupdateprofile.php...
CVE-2022-48091
Tramyardg hotel-mgmt-system version 2022.4 is vulnerable to Cross Site Scripting XSS via processupdateprofile.php...
Cross site scripting
Multiple persistent cross-site scripting XSS vulnerabilities in index.php in tramyardg Hotel Management System 1.0 allow remote attackers to inject arbitrary web script or HTML via multiple parameters such as "fullname"...
CVE-2022-36254
The connected PT-2022-23273 entry provides concrete details for CVE-2022-36254: tramyardg Hotel Management System 1.0 (index.php) is vulnerable to persistent XSS via the fullname parameter, enabling remote script/HTML injection. Affected component is index.php; root cause is improper handling of ...
PT-2022-23273 · Unknown · Tramyardg Hotel Management System
Name of the Vulnerable Software and Affected Versions: tramyardg Hotel Management System version 1.0 Description: The issue allows remote attackers to inject arbitrary web script or HTML via multiple parameters such as fullname in index.php, enabling persistent cross-site scripting XSS attacks...
CVE-2022-27475
Cross site scripting XSS vulnerability in tramyardg hotel-mgmt-system, allows attackers to execute arbitrary code when when /admin.php is loaded...
CVE-2022-27475
Cross site scripting XSS vulnerability in tramyardg hotel-mgmt-system, allows attackers to execute arbitrary code when when /admin.php is loaded...
Cross site scripting
Cross site scripting XSS vulnerability in tramyardg hotel-mgmt-system, allows attackers to execute arbitrary code when when /admin.php is loaded...
CVE-2022-27475
CVE-2022-27475 is an XSS vulnerability in tramyardg hotel-mgmt-system (version 1.0) due to lack of proper data validation/escaping in /admin.php. Exploitation would allow execution of arbitrary JavaScript in the victim’s browser; impact details are described in the linked records as client-side s...