Lucene search
+L
Oretnom23Resort Reservation System

5 matches found

cve
cve
added 2024/09/17 8:0 p.m.38 views

CVE-2024-8951

The CVE-2024-8951 entry covers a cross-site scripting vulnerability in SourceCodester Resort Reservation System 1.0, arising from manipulation of the toview argument in the manage_fee.php file. The vulnerability is described as exploitable remotely, with public disclosure of the exploit. Connecte...

6.1CVSS4.1AI score0.00422EPSS
cve
cve
added 2026/03/08 9:32 p.m.20 views

CVE-2026-3771

The CVE applies to SourceCodester/janobe Resort Reservation System 1.0, specifically the vulnerability in /accomodation.php where manipulating the q parameter leads to SQL injection. This is a remote, publicly disclosed issue with potential high impact on confidentiality, integrity, and availabil...

8.8CVSS6.5AI score0.00295EPSS
Web
cve
cve
added 2026/03/09 3:32 a.m.20 views

CVE-2026-3800

SourceCodester/janobe Resort Reservation System 1.0 is affected by CVE-2026-3800. The vulnerability lies in the doInsert function of /controller.php?action=add, where manipulation of the image argument enables unrestricted file upload. This could allow remote attackers to upload arbitrary files. ...

8.8CVSS6.3AI score0.00299EPSS
Web
cve
cve
added 2026/03/09 6:2 a.m.20 views

CVE-2026-3806

CVE-2026-3806 affects SourceCodester/janobe Resort Reservation System 1.0. The vulnerability is a SQL injection in an unknown handling of /room_rates.php triggered by the q parameter. Exploitation can be conducted remotely; the exploit has been publicly released and PoCs exist. No remediation det...

8.8CVSS6.5AI score0.00295EPSS
Web
cve
cve
added 2026/03/09 12:32 p.m.17 views

CVE-2026-3819

SourceCodester Resort Reservation System 1.0 contains a cross-site scripting (XSS) vulnerability in the Reservation Management module. The issue arises from manipulation of an argument ID in the file /?page=manage_reservation, enabling remote execution of XSS. The description notes the exploit ha...

5.4CVSS4.2AI score0.00257EPSS