VYPR

Vendor CVEs

Nikhil Bhalerao

All CVEs

23 total · sorted by risk
  • CVE-2025-11473HigOct 8, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability has been found in SourceCodester Hotel and Lodge Management System 1.0. Affected is an unknown function of the file /edit_curr.php. Such manipulation of the argument currsymbol leads to sql injection. It is possible to launch the attack remotely. The exploit has…

  • CVE-2025-11472HigOct 8, 2025
    risk 0.47cvss 7.3epss 0.00

    A flaw has been found in SourceCodester Hotel and Lodge Management System 1.0. This impacts an unknown function of the file /edit_room.php. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been published…

  • CVE-2025-11471HigOct 8, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was detected in SourceCodester Hotel and Lodge Management System 1.0. This affects an unknown function of the file /edit_customer.php. The manipulation of the argument ID results in sql injection. The attack may be performed from remote. The exploit is now public…

  • CVE-2025-11397HigOct 7, 2025
    risk 0.47cvss 7.3epss 0.00

    A security flaw has been discovered in SourceCodester Hotel and Lodge Management System 1.0. The affected element is an unknown function of the file /login.php. Performing manipulation of the argument email results in sql injection. The attack may be initiated remotely. The…

  • CVE-2025-5758HigJun 6, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability classified as critical has been found in SourceCodester Open Source Clinic Management System 1.0. This affects an unknown part of the file /doctor.php. The manipulation of the argument doctorname leads to sql injection. It is possible to initiate the attack…

  • CVE-2025-5755HigJun 6, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was found in SourceCodester Open Source Clinic Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /email_config.php. The manipulation of the argument email leads to sql injection. It is possible to launch the…

  • CVE-2025-5716HigJun 6, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability classified as critical has been found in SourceCodester Open Source Clinic Management System 1.0. Affected is an unknown function of the file /login.php. The manipulation of the argument email leads to sql injection. It is possible to launch the attack remotely.…

  • CVE-2025-5712HigJun 6, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability has been found in SourceCodester Open Source Clinic Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /appointment.php. The manipulation of the argument patient leads to sql injection. The…

  • CVE-2025-11474MedOct 8, 2025
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was found in SourceCodester Hotel and Lodge Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /edit_booking.php. Performing manipulation of the argument Name results in sql injection. The attack can be initiated…

  • CVE-2025-11469MedOct 8, 2025
    risk 0.41cvss 6.3epss 0.00

    A weakness has been identified in SourceCodester Hotel and Lodge Management System 1.0. The affected element is an unknown function of the file /pages/save_customer.php. Executing manipulation of the argument Contact can lead to sql injection. The attack can be executed…

  • CVE-2025-11405MedOct 7, 2025
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was identified in SourceCodester Hotel and Lodge Management System 1.0. This vulnerability affects unknown code of the file /del_tax.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit is publicly…

  • CVE-2025-11404MedOct 7, 2025
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was determined in SourceCodester Hotel and Lodge Management System 1.0. This affects an unknown part of the file /pages/save_tax.php. Executing manipulation of the argument percentage can lead to sql injection. It is possible to launch the attack remotely. The…

  • CVE-2025-11403MedOct 7, 2025
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was found in SourceCodester Hotel and Lodge Management System 1.0. Affected by this issue is some unknown functionality of the file /del_booking.php. Performing manipulation of the argument ID results in sql injection. It is possible to initiate the attack…

  • CVE-2025-11402MedOct 7, 2025
    risk 0.41cvss 6.3epss 0.00

    A vulnerability has been found in SourceCodester Hotel and Lodge Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /del_curr.php. Such manipulation of the argument ID leads to sql injection. The attack may be performed from remote. The…

  • CVE-2025-11401MedOct 7, 2025
    risk 0.41cvss 6.3epss 0.00

    A flaw has been found in SourceCodester Hotel and Lodge Management System 1.0. Affected is an unknown function of the file /pages/save_curr.php. This manipulation of the argument currcode causes sql injection. The attack is possible to be carried out remotely. The exploit has…

  • CVE-2025-11400MedOct 7, 2025
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was detected in SourceCodester Hotel and Lodge Management System 1.0. This impacts an unknown function of the file /del_room.php. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit is now public and may…

  • CVE-2025-11399MedOct 7, 2025
    risk 0.41cvss 6.3epss 0.00

    A security vulnerability has been detected in SourceCodester Hotel and Lodge Management System 1.0. This affects an unknown function of the file /pages/save_room.php. The manipulation of the argument floorno leads to sql injection. Remote exploitation of the attack is possible.…

  • CVE-2025-11398MedOct 7, 2025
    risk 0.41cvss 6.3epss 0.00

    A weakness has been identified in SourceCodester Hotel and Lodge Management System 1.0. The impacted element is an unknown function of the file /profile.php of the component Profile Page. Executing manipulation of the argument image can lead to unrestricted upload. The attack…

  • CVE-2025-5728MedJun 6, 2025
    risk 0.41cvss 6.3epss 0.00

    A vulnerability classified as critical was found in SourceCodester Open Source Clinic Management System 1.0. This vulnerability affects unknown code of the file /manage_website.php. The manipulation of the argument website_image leads to unrestricted upload. The attack can be…

  • CVE-2025-11470MedOct 8, 2025
    risk 0.31cvss 4.7epss 0.00

    A security vulnerability has been detected in SourceCodester Hotel and Lodge Management System up to 1.0. The impacted element is an unknown function of the file /manage_website.php. The manipulation of the argument website_image/back_login_image leads to unrestricted upload.…

  • CVE-2020-21012Oct 1, 2021
    risk 0.01cvss epss 0.03

    Sourcecodester Hotel and Lodge Management System 2.0 is vulnerable to unauthenticated SQL injection and can allow remote attackers to execute arbitrary SQL commands via the email parameter to the edit page for Customer, Room, Currency, Room Booking Details, or Tax Details.

  • CVE-2024-4809May 13, 2024
    risk 0.00cvss epss 0.01

    A vulnerability has been found in SourceCodester Open Source Clinic Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file setting.php. The manipulation of the argument logo leads to unrestricted upload. The…

  • CVE-2019-18387Oct 23, 2019
    risk 0.00cvss epss 0.01

    Sourcecodester Hotel and Lodge Management System 1.0 is vulnerable to unauthenticated SQL injection and can allow remote attackers to execute arbitrary SQL commands via the id parameter to the edit page for Customer, Room, Currency, Room Booking Details, or Tax Details.