Vulnerabilities > Hotels Server Project > Hotels Server > 1.0

DATE	CVE	VULNERABILITY TITLE	RISK
2023-02-17	CVE-2021-33948	SQL Injection vulnerability in Hotels Server Project Hotels Server 1.0 SQL injection vulnerability in FantasticLBP Hotels Server v1.0 allows attacker to execute arbitrary code via the username parameter. network low complexity hotels-server-project CWE-89 critical	9.8
2021-05-10	CVE-2020-18102	Cross-site Scripting vulnerability in Hotels Server Project Hotels Server 1.0 Cross Site Scripting (XSS) in Hotels_Server v1.0 allows remote attackers to execute arbitrary code by injecting crafted commands the data fields in the component "/controller/publishHotel.php". network hotels-server-project CWE-79	4.3

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.