Jayesh Hotel Management System — known CVE vulnerabilities
Every CVE whose affected-product data names Jayesh Hotel Management System, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (14)
CVE-2024-42775 — CVSS 9.1 (critical): An Incorrect Access Control vulnerability was found in /admin/add_room_controller.php in Kashipara Hotel Management System v1.0, which…
CVE-2024-42773 — CVSS 9.1 (critical): An Incorrect Access Control vulnerability was found in /admin/edit_room_controller.php in Kashipara Hotel Management System v1.0, which…
CVE-2024-42772 — CVSS 7.5 (high): An Incorrect Access Control vulnerability was found in /admin/rooms.php in Kashipara Hotel Management System v1.0, which allows an…
CVE-2024-42774 — CVSS 7.5 (high): An Incorrect Access Control vulnerability was found in /admin/delete_room.php in Kashipara Hotel Management System v1.0, which allows an…
CVE-2024-42776 — CVSS 7.2 (high): Kashipara Hotel Management System v1.0 is vulnerable to Incorrect Access Control via /admin/users.php.
CVE-2024-42767 — CVSS 7.2 (high): Kashipara Hotel Management System v1.0 is vulnerable to Unrestricted File Upload RCE via /admin/add_room_controller.php.
CVE-2024-42768 — CVSS 6.8 (medium): A Cross-Site Request Forgery (CSRF) vulnerability was found in Kashipara Hotel Management System v1.0 via /admin/delete_room.php.
CVE-2024-42769 — CVSS 6.1 (medium): A Reflected Cross Site Scripting (XSS) vulnerability was found in "/core/signup_user.php " of Kashipara Hotel Management System v1.0, which…
CVE-2023-49269 — CVSS 5.4 (medium): Hotel Management v1.0 is vulnerable to multiple authenticated Reflected Cross-Site Scripting vulnerabilities. The 'adults' parameter of the…
CVE-2023-49270 — CVSS 5.4 (medium): Hotel Management v1.0 is vulnerable to multiple authenticated Reflected Cross-Site Scripting vulnerabilities. The 'check_in_date' parameter…
CVE-2023-49271 — CVSS 5.4 (medium): Hotel Management v1.0 is vulnerable to multiple authenticated Reflected Cross-Site Scripting vulnerabilities. The 'check_out_date'…
CVE-2023-49272 — CVSS 5.4 (medium): Hotel Management v1.0 is vulnerable to multiple authenticated Reflected Cross-Site Scripting vulnerabilities. The 'children' parameter of…
CVE-2024-42771 — CVSS 4.8 (medium): A Stored Cross Site Scripting (XSS) vulnerability was found in " /admin/edit_room_controller.php" of the Kashipara Hotel Management System…
CVE-2024-42770 — CVSS 4.7 (medium): A Stored Cross Site Scripting (XSS) vulnerability was found in "/core/signup_user.php" of Kashipara Hotel Management System v1.0, which…