Lucene search
+L
InoutscriptsInout Homestay

4 matches found

CVE
CVE
added 2026/03/12 3:36 p.m.21 views

CVE-2019-25527

CVE-2019-25527 affects Inout EasyRooms Ultimate Edition v1.0. The vulnerability is an SQL injection in the numguest parameter, exploitable by sending crafted POST requests to the /search/searchdetailed endpoint. It is described as allowing unauthenticated attackers to manipulate queries, potentia...

9.1CVSS5.9AI score0.00409EPSS
Web
CVE
CVE
added 2026/03/12 3:36 p.m.15 views

CVE-2019-25525

CVE-2019-25525 affects Inout EasyRooms Ultimate Edition v1.0. The vulnerability is an SQL injection in the guests parameter that can be exploited via POST to the search/rentals endpoint, enabling unauthenticated attackers to bypass authentication and potentially extract or modify data. The provid...

9.1CVSS5.9AI score0.00409EPSS
Web
CVE
CVE
added 2026/03/12 3:36 p.m.15 views

CVE-2019-25526

Inout EasyRooms Ultimate Edition v1.0 is vulnerable to SQL injection via the location parameter. Attackers can send POST requests to the search/searchdetailed endpoint with malicious SQL payloads to extract data or modify database contents. No remediation or fixed version is specified in the prov...

9.1CVSS5.9AI score0.00346EPSS
Web
CVE
CVE
added 2026/03/12 3:36 p.m.13 views

CVE-2019-25528

CVE-2019-25528 affects Inout EasyRooms Ultimate Edition v1.0. The vulnerability is an SQL injection in the property1 parameter, exploitable via POST to /search/searchdetailed by unauthenticated attackers to read/alter data. Some sources note presence of PoCs/exploits. Public remediation/fixed det...

9.1CVSS5.9AI score0.00401EPSS
Web