3 matches found
CVE-2024-6308
The CVE-2024-6308 entry concerns itsourcecode Simple Online Hotel Reservation System 1.0. The vulnerability lies in index.php where modifying the username parameter enables SQL injection. Attacks are described as remote, with the exploit disclosed publicly. Multiple connected sources corroborate ...
CVE-2024-6116
CVE-2024-6116 affects Simple Online Hotel Reservation System 1.0. Affected component: edit_room.php; issue arises from manipulation of the photo parameter, enabling unrestricted file uploads. Exploitation described as remote. Documented impact is high, with potential for arbitrary file upload and...
CVE-2024-6115
CVE-2024-6115 affects the Simple Online Hotel Reservation System 1.0, specifically the unknown functionality in the file add_room.php. The vulnerability arises from manipulation of the parameter photo , which enables unrestricted file uploads. This is exploitable remotely and has been disclosed p...