5 matches found
CVE-2025-8382
CVE-2025-8382 affects Campcodes Online Hotel Reservation System 1.0, specifically the /admin/edit_room.php component. The vulnerability is a SQL injection caused by manipulation of the room_id argument, enabling remote exploitation. Multiple connected sources corroborate the issue and describe th...
CVE-2025-8379
CVE-2025-8379 concerns Campcodes Online Hotel Reservation System version 1.0. The issue resides in the /admin/edit_room.php endpoint, where manipulating the photo parameter enables unrestricted file upload. Multiple sources confirm remote exploitation potential with public disclosure of the explo...
CVE-2025-8378
CVE-2025-8378 affects Campcodes Online Hotel Reservation System 1.0. The vulnerability is a SQL injection in the Login component, exploitable via manipulation of the username/password arguments in /admin/index.php. Impact is described as critical with network-based, low-complexity access and no p...
CVE-2025-8380
The CVE-2025-8380 entry concerns Campcodes Online Hotel Reservation System 1.0. A Cross-Site Scripting (XSS) flaw exists in the /admin/add_query_account.php file where manipulating the Name parameter can inject script. The vulnerability appears to be exploitable remotely and is supported by multi...
CVE-2025-8381
CVE-2025-8381 affects Campcodes Online Hotel Reservation System 1.0. The vulnerability is a SQL injection in the parameter manipulated via the file /add_reserve.php (argument room_id ). This can be triggered remotely and may allow an attacker to read/modify data or impact availability, as indicat...