Vulnerabilities > Hotel Management System Project > Hotel Management System > 1.0

DATE	CVE	VULNERABILITY TITLE	RISK
2024-02-09	CVE-2024-25314	SQL Injection vulnerability in Hotel Management System Project Hotel Management System 1.0 Code-projects Hotel Managment System 1.0, allows SQL Injection via the 'sid' parameter in Hotel/admin/show.php?sid=2. network low complexity hotel-management-system-project CWE-89 critical	9.8
2024-02-09	CVE-2024-25315	SQL Injection vulnerability in Hotel Management System Project Hotel Management System 1.0 Code-projects Hotel Managment System 1.0, allows SQL Injection via the 'rid' parameter in Hotel/admin/roombook.php?rid=2. network low complexity hotel-management-system-project CWE-89 critical	9.8
2024-02-09	CVE-2024-25316	SQL Injection vulnerability in Hotel Management System Project Hotel Management System 1.0 Code-projects Hotel Managment System 1.0 allows SQL Injection via the 'eid' parameter in Hotel/admin/usersettingdel.php?eid=2. network low complexity hotel-management-system-project CWE-89 critical	9.8
2024-02-09	CVE-2024-25318	SQL Injection vulnerability in Hotel Management System Project Hotel Management System 1.0 Code-projects Hotel Managment System 1.0 allows SQL Injection via the 'pid' parameter in Hotel/admin/print.php?pid=2. network low complexity hotel-management-system-project CWE-89	8.8
2022-09-12	CVE-2022-36254	Cross-site Scripting vulnerability in Hotel Management System Project Hotel Management System 1.0 Multiple persistent cross-site scripting (XSS) vulnerabilities in index.php in tramyardg Hotel Management System 1.0 allow remote attackers to inject arbitrary web script or HTML via multiple parameters such as "fullname". network low complexity hotel-management-system-project CWE-79	5.4
2022-05-10	CVE-2022-28110	SQL Injection vulnerability in Hotel Management System Project Hotel Management System 1.0 Hotel Management System v1.0 was discovered to contain a SQL injection vulnerability via the username parameter at the login page. network low complexity hotel-management-system-project CWE-89 critical	9.8
2022-04-13	CVE-2022-27475	Cross-site Scripting vulnerability in Hotel Management System Project Hotel Management System 1.0 Cross site scripting (XSS) vulnerability in tramyardg hotel-mgmt-system, allows attackers to execute arbitrary code when when /admin.php is loaded. network low complexity hotel-management-system-project CWE-79	6.1

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.