Vulnerabilities > Hotel Management System Project > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-01-13 CVE-2022-48090 SQL Injection vulnerability in Hotel Management System Project Hotel Management System 20220411
Tramyardg hotel-mgmt-system version 2022.4 is vulnerable to SQL Injection via /app/dao/CustomerDAO.php.
network
low complexity
hotel-management-system-project CWE-89
6.5
6.5
2023-01-13 CVE-2022-48091 Cross-site Scripting vulnerability in Hotel Management System Project Hotel Management System 20220411
Tramyardg hotel-mgmt-system version 2022.4 is vulnerable to Cross Site Scripting (XSS) via process_update_profile.php.
network
low complexity
hotel-management-system-project CWE-79
5.4
5.4
2022-09-12 CVE-2022-36254 Cross-site Scripting vulnerability in Hotel Management System Project Hotel Management System 1.0
Multiple persistent cross-site scripting (XSS) vulnerabilities in index.php in tramyardg Hotel Management System 1.0 allow remote attackers to inject arbitrary web script or HTML via multiple parameters such as "fullname".
network
low complexity
hotel-management-system-project CWE-79
5.4
5.4
2022-07-12 CVE-2022-2291 Cross-site Scripting vulnerability in Hotel Management System Project Hotel Management System 2.0
A vulnerability was found in SourceCodester Hotel Management System 2.0.
network
low complexity
hotel-management-system-project CWE-79
5.4
5.4
2022-07-12 CVE-2022-2292 Cross-site Scripting vulnerability in Hotel Management System Project Hotel Management System 2.0
A vulnerability classified as problematic has been found in SourceCodester Hotel Management System 2.0.
network
low complexity
hotel-management-system-project CWE-79
5.4
5.4
2022-04-13 CVE-2022-27475 Cross-site Scripting vulnerability in Hotel Management System Project Hotel Management System 1.0
Cross site scripting (XSS) vulnerability in tramyardg hotel-mgmt-system, allows attackers to execute arbitrary code when when /admin.php is loaded.
network
low complexity
hotel-management-system-project CWE-79
6.1
6.1