VYPR

Hotel Broadband Operation System

by Amtt

CVEs (10)

  • CVE-2025-12253HigOct 27, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was determined in AMTT Hotel Broadband Operation System 1.0. Affected by this vulnerability is an unknown functionality of the file /user/portal/get_expiredtime.php. This manipulation of the argument uid causes sql injection. The attack may be initiated remotely.…

  • CVE-2025-13123MedNov 13, 2025
    risk 0.41cvss 6.3epss 0.00

    A flaw has been found in AMTT Hotel Broadband Operation System 1.0. The impacted element is an unknown function of the file /user/portal/get_firstdate.php. Executing manipulation of the argument uid can lead to sql injection. It is possible to launch the attack remotely. The…

  • CVE-2025-14090MedDec 5, 2025
    risk 0.31cvss 4.7epss 0.00

    A security flaw has been discovered in AMTT Hotel Broadband Operation System 1.0. This affects an unknown part of the file /manager/card/cardmake_down.php. Performing manipulation of the argument ID results in sql injection. It is possible to initiate the attack remotely. The…

  • CVE-2016-15048Oct 22, 2025
    risk 0.00cvss epss 0.07

    AMTT Hotel Broadband Operation System (HiBOS) contains an unauthenticated command injection vulnerability in the /manager/radius/server_ping.php endpoint. The application constructs a shell command that includes the user-supplied ip parameter and executes it without proper…

  • CVE-2025-3983Apr 27, 2025
    risk 0.00cvss epss 0.17

    A vulnerability has been found in AMTT Hotel Broadband Operation System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /manager/system/nlog_down.php. The manipulation of the argument ProtocolType leads to command injection.…

  • CVE-2025-2701Mar 24, 2025
    risk 0.00cvss epss 0.07

    A vulnerability classified as critical was found in AMTT Hotel Broadband Operation System 1.0. This vulnerability affects the function popen of the file /manager/network/port_setup.php. The manipulation of the argument SwitchVersion/SwitchWrite/SwitchIP/SwitchIndex/SwitchState…

  • CVE-2024-11051Nov 10, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in AMTT Hotel Broadband Operation System up to 3.0.3.151204. It has been classified as critical. Affected is an unknown function of the file /manager/frontdesk/online_status.php. The manipulation of the argument AccountID leads to sql injection. It is…

  • CVE-2024-11050Nov 10, 2024
    risk 0.00cvss epss 0.00

    A vulnerability was found in AMTT Hotel Broadband Operation System up to 3.0.3.151204 and classified as problematic. This issue affects some unknown processing of the file /language.php. The manipulation of the argument LangID/LangName/LangEName leads to cross site scripting.…

  • CVE-2024-41476Aug 9, 2024
    risk 0.00cvss epss 0.01

    AMTT Hotel Broadband Operation System (HiBOS) V3.0.3.151204 and before is vulnerable to SQL Injection via /manager/card/card_detail.php.

  • CVE-2024-39072Jul 9, 2024
    risk 0.00cvss epss 0.00

    AMTT Hotel Broadband Operation System (HiBOS) v3.0.3.151204 is vulnerable to SQL injection via manager/conference/calendar_remind.php.