Hotel Management System Project Hotel Management System — known CVE vulnerabilities
Every CVE whose affected-product data names Hotel Management System Project Hotel Management System, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (12)
CVE-2024-25314 — CVSS 9.8 (critical): Code-projects Hotel Managment System 1.0, allows SQL Injection via the 'sid' parameter in Hotel/admin/show.php?sid=2.
CVE-2024-25316 — CVSS 9.8 (critical): Code-projects Hotel Managment System 1.0 allows SQL Injection via the 'eid' parameter in Hotel/admin/usersettingdel.php?eid=2.
CVE-2024-25315 — CVSS 9.8 (critical): Code-projects Hotel Managment System 1.0, allows SQL Injection via the 'rid' parameter in Hotel/admin/roombook.php?rid=2.
CVE-2022-28110 — CVSS 9.8 (critical): Hotel Management System v1.0 was discovered to contain a SQL injection vulnerability via the username parameter at the login page.
CVE-2024-25318 — CVSS 8.8 (high): Code-projects Hotel Managment System 1.0 allows SQL Injection via the 'pid' parameter in Hotel/admin/print.php?pid=2.
CVE-2021-41651 — CVSS 7.5 (high): A blind SQL injection vulnerability exists in the Raymart DG / Ahmed Helal Hotel-mgmt-system. A malicious attacker can retrieve sensitive…
CVE-2022-48090 — CVSS 6.5 (medium): Tramyardg hotel-mgmt-system version 2022.4 is vulnerable to SQL Injection via /app/dao/CustomerDAO.php.
CVE-2022-27475 — CVSS 6.1 (medium): Cross site scripting (XSS) vulnerability in tramyardg hotel-mgmt-system, allows attackers to execute arbitrary code when when /admin.php is…
CVE-2022-48091 — CVSS 5.4 (medium): Tramyardg hotel-mgmt-system version 2022.4 is vulnerable to Cross Site Scripting (XSS) via process_update_profile.php.
CVE-2022-36254 — CVSS 5.4 (medium): Multiple persistent cross-site scripting (XSS) vulnerabilities in index.php in tramyardg Hotel Management System 1.0 allow remote attackers…
CVE-2022-2291 — CVSS 4.3 (medium): A vulnerability was found in SourceCodester Hotel Management System 2.0. It has been rated as problematic. This issue affects some unknown…
CVE-2022-2292 — CVSS 3.5 (low): A vulnerability classified as problematic has been found in SourceCodester Hotel Management System 2.0. Affected is an unknown function of…