4 matches found
CVE-2019-25527
CVE-2019-25527 affects Inout EasyRooms Ultimate Edition v1.0. The vulnerability is an SQL injection in the numguest parameter, exploitable by sending crafted POST requests to the /search/searchdetailed endpoint. It is described as allowing unauthenticated attackers to manipulate queries, potentia...
CVE-2019-25525
CVE-2019-25525 affects Inout EasyRooms Ultimate Edition v1.0. The vulnerability is an SQL injection in the guests parameter that can be exploited via POST to the search/rentals endpoint, enabling unauthenticated attackers to bypass authentication and potentially extract or modify data. The provid...
CVE-2019-25526
Inout EasyRooms Ultimate Edition v1.0 is vulnerable to SQL injection via the location parameter. Attackers can send POST requests to the search/searchdetailed endpoint with malicious SQL payloads to extract data or modify database contents. No remediation or fixed version is specified in the prov...
CVE-2019-25528
CVE-2019-25528 affects Inout EasyRooms Ultimate Edition v1.0. The vulnerability is an SQL injection in the property1 parameter, exploitable via POST to /search/searchdetailed by unauthenticated attackers to read/alter data. Some sources note presence of PoCs/exploits. Public remediation/fixed det...