Vulnerabilities > Hotel Management System Project

DATE CVE VULNERABILITY TITLE RISK
2024-02-09 CVE-2024-25314 SQL Injection vulnerability in Hotel Management System Project Hotel Management System 1.0
Code-projects Hotel Managment System 1.0, allows SQL Injection via the 'sid' parameter in Hotel/admin/show.php?sid=2.
network
low complexity
hotel-management-system-project CWE-89
critical
 9.8
9.8
2024-02-09 CVE-2024-25315 SQL Injection vulnerability in Hotel Management System Project Hotel Management System 1.0
Code-projects Hotel Managment System 1.0, allows SQL Injection via the 'rid' parameter in Hotel/admin/roombook.php?rid=2.
network
low complexity
hotel-management-system-project CWE-89
critical
 9.8
9.8
2024-02-09 CVE-2024-25316 SQL Injection vulnerability in Hotel Management System Project Hotel Management System 1.0
Code-projects Hotel Managment System 1.0 allows SQL Injection via the 'eid' parameter in Hotel/admin/usersettingdel.php?eid=2.
network
low complexity
hotel-management-system-project CWE-89
critical
 9.8
9.8
2024-02-09 CVE-2024-25318 SQL Injection vulnerability in Hotel Management System Project Hotel Management System 1.0
Code-projects Hotel Managment System 1.0 allows SQL Injection via the 'pid' parameter in Hotel/admin/print.php?pid=2.
network
low complexity
hotel-management-system-project CWE-89
8.8
8.8
2023-01-13 CVE-2022-48090 SQL Injection vulnerability in Hotel Management System Project Hotel Management System 20220411
Tramyardg hotel-mgmt-system version 2022.4 is vulnerable to SQL Injection via /app/dao/CustomerDAO.php.
network
low complexity
hotel-management-system-project CWE-89
6.5
6.5
2023-01-13 CVE-2022-48091 Cross-site Scripting vulnerability in Hotel Management System Project Hotel Management System 20220411
Tramyardg hotel-mgmt-system version 2022.4 is vulnerable to Cross Site Scripting (XSS) via process_update_profile.php.
network
low complexity
hotel-management-system-project CWE-79
5.4
5.4
2022-09-12 CVE-2022-36254 Cross-site Scripting vulnerability in Hotel Management System Project Hotel Management System 1.0
Multiple persistent cross-site scripting (XSS) vulnerabilities in index.php in tramyardg Hotel Management System 1.0 allow remote attackers to inject arbitrary web script or HTML via multiple parameters such as "fullname".
network
low complexity
hotel-management-system-project CWE-79
5.4
5.4
2022-07-12 CVE-2022-2291 Cross-site Scripting vulnerability in Hotel Management System Project Hotel Management System 2.0
A vulnerability was found in SourceCodester Hotel Management System 2.0.
network
low complexity
hotel-management-system-project CWE-79
5.4
5.4
2022-07-12 CVE-2022-2292 Cross-site Scripting vulnerability in Hotel Management System Project Hotel Management System 2.0
A vulnerability classified as problematic has been found in SourceCodester Hotel Management System 2.0.
network
low complexity
hotel-management-system-project CWE-79
5.4
5.4
2022-05-10 CVE-2022-28110 SQL Injection vulnerability in Hotel Management System Project Hotel Management System 1.0
Hotel Management System v1.0 was discovered to contain a SQL injection vulnerability via the username parameter at the login page.
network
low complexity
hotel-management-system-project CWE-89
critical
 9.8
9.8