RSS   Podatności dla 'Hotel management system'   RSS

2022-07-12
 
CVE-2022-2291

CWE-79
 

 
A vulnerability was found in SourceCodester Hotel Management System 2.0. It has been rated as problematic. This issue affects some unknown processing of the file /ci_hms/search of the component Search. The manipulation of the argument search with the input "><script>alert("XSS")</script> leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

 
 
CVE-2022-2292

CWE-79
 

 
A vulnerability classified as problematic has been found in SourceCodester Hotel Management System 2.0. Affected is an unknown function of the file /ci_hms/massage_room/edit/1 of the component Room Edit Page. The manipulation of the argument massageroomDetails with the input "><script>alert("XSS")</script> leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

 
2022-05-10
 
CVE-2022-28110

CWE-89
 

 
Hotel Management System v1.0 was discovered to contain a SQL injection vulnerability via the username parameter at the login page.

 
2022-04-13
 
CVE-2022-27475

CWE-79
 

 
Cross site scripting (XSS) vulnerability in tramyardg hotel-mgmt-system, allows attackers to execute arbitrary code when when /admin.php is loaded.

 
2021-10-04
 
CVE-2021-41651

CWE-89
 

 
A blind SQL injection vulnerability exists in the Raymart DG / Ahmed Helal Hotel-mgmt-system. A malicious attacker can retrieve sensitive database information and interact with the database using the vulnerable cid parameter in process_update_profile.php.

 


Copyright 2024, cxsecurity.com

 

Back to Top