Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
KashiparaHotel Management1.0

5 matches found

CVE
CVEadded 2023/12/20 8:15 p.m.38 views

CVE-2023-49272

Hotel Management v1.0 is vulnerable to multiple authenticated Reflected Cross-Site Scripting vulnerabilities. The 'children' parameter of the reservation.php resource is copied into the HTML document as plain text between tags. Any input is echoed unmodified in the application's response.

5.4CVSS5.4AI score0.00074EPSS
CVE
CVEadded 2024/08/22 4:15 p.m.38 views

CVE-2024-42770

A Stored Cross Site Scripting (XSS) vulnerability was found in "/core/signup_user.php" of Kashipara Hotel Management System v1.0, which allows remote attackers to execute arbitrary code via the "user_email" parameter.

4.7CVSS6.4AI score0.00165EPSS
CVE
CVEadded 2024/08/22 5:15 p.m.36 views

CVE-2024-42768

A Cross-Site Request Forgery (CSRF) vulnerability was found in Kashipara Hotel Management System v1.0 via /admin/delete_room.php.

6.8CVSS7AI score0.00046EPSS
CVE
CVEadded 2023/12/20 8:15 p.m.29 views

CVE-2023-49270

Hotel Management v1.0 is vulnerable to multiple authenticated Reflected Cross-Site Scripting vulnerabilities. The 'check_in_date' parameter of the reservation.php resource is copied into the HTML document as plain text between tags. Any input is echoed unmodified in the application's response.

5.4CVSS5.4AI score0.002EPSS
CVE
CVEadded 2023/12/20 8:15 p.m.19 views

CVE-2023-49271

Hotel Management v1.0 is vulnerable to multiple authenticated Reflected Cross-Site Scripting vulnerabilities. The 'check_out_date' parameter of the reservation.php resource is copied into the HTML document as plain text between tags. Any input is echoed unmodified in the application's response.

5.4CVSS5.4AI score0.002EPSS