Topsky979
Products
3- 6 CVEs
- 4 CVEs
- 1 CVE
Recent CVEs
11| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-42559 | Cri | 0.64 | 9.8 | 0.00 | Aug 20, 2024 | An issue in the login component (process_login.php) of Hotel Management System commit 79d688 allows attackers to authenticate without providing a valid password. | ||
| CVE-2023-3616 | Cri | 0.64 | 9.8 | 0.00 | Sep 5, 2023 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Mava Software Hotel Management System allows SQL Injection. This issue affects Hotel Management System: before 2.0. | ||
| CVE-2024-41601 | Hig | 0.49 | 7.5 | 0.00 | Jul 19, 2024 | Insecure Permissions vulnerability in lin-CMS v.0.2.0 and before allows a remote attacker to obtain sensitive information via the login method in the UserController.java component. | ||
| CVE-2024-42550 | Med | 0.35 | 5.4 | 0.00 | Aug 21, 2024 | A cross-site scripting (XSS) vulnerability in the component /email/welcome.php of Mini Inventory and Sales Management System commit 18aa3d allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title parameter. | ||
| CVE-2024-7947 | 0.00 | — | 0.00 | Aug 20, 2024 | A vulnerability classified as critical has been found in SourceCodester Point of Sales and Inventory Management System 1.0. This affects an unknown part of the file login.php. The manipulation of the argument email leads to sql injection. It is possible to initiate the attack… | |||
| CVE-2024-25318 | 0.00 | — | 0.00 | Feb 9, 2024 | Code-projects Hotel Managment System 1.0 allows SQL Injection via the 'pid' parameter in Hotel/admin/print.php?pid=2. | |||
| CVE-2024-25316 | 0.00 | — | 0.00 | Feb 9, 2024 | Code-projects Hotel Managment System 1.0 allows SQL Injection via the 'eid' parameter in Hotel/admin/usersettingdel.php?eid=2. | |||
| CVE-2023-7075 | 0.00 | — | 0.00 | Dec 22, 2023 | A vulnerability was found in code-projects Point of Sales and Inventory Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /main/checkout.php. The manipulation of the argument pt leads to cross site scripting.… | |||
| CVE-2022-2292 | 0.00 | — | 0.00 | Jul 12, 2022 | A vulnerability classified as problematic has been found in SourceCodester Hotel Management System 2.0. Affected is an unknown function of the file /ci_hms/massage_room/edit/1 of the component Room Edit Page. The manipulation of the argument massageroomDetails with the input… | |||
| CVE-2022-2291 | 0.00 | — | 0.00 | Jul 12, 2022 | A vulnerability was found in SourceCodester Hotel Management System 2.0. It has been rated as problematic. This issue affects some unknown processing of the file /ci_hms/search of the component Search. The manipulation of the argument search with the input… | |||
| CVE-2021-44321 | 0.00 | — | 0.00 | Mar 4, 2022 | Mini-Inventory-and-Sales-Management-System is affected by Cross Site Request Forgery (CSRF), where an attacker can update/delete items in the inventory. The attacker must be logged into the application create a malicious file for updating the inventory details and items. |
- risk 0.64cvss 9.8epss 0.00
An issue in the login component (process_login.php) of Hotel Management System commit 79d688 allows attackers to authenticate without providing a valid password.
- risk 0.64cvss 9.8epss 0.00
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Mava Software Hotel Management System allows SQL Injection. This issue affects Hotel Management System: before 2.0.
- risk 0.49cvss 7.5epss 0.00
Insecure Permissions vulnerability in lin-CMS v.0.2.0 and before allows a remote attacker to obtain sensitive information via the login method in the UserController.java component.
- risk 0.35cvss 5.4epss 0.00
A cross-site scripting (XSS) vulnerability in the component /email/welcome.php of Mini Inventory and Sales Management System commit 18aa3d allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title parameter.
- CVE-2024-7947Aug 20, 2024risk 0.00cvss —epss 0.00
A vulnerability classified as critical has been found in SourceCodester Point of Sales and Inventory Management System 1.0. This affects an unknown part of the file login.php. The manipulation of the argument email leads to sql injection. It is possible to initiate the attack…
- CVE-2024-25318Feb 9, 2024risk 0.00cvss —epss 0.00
Code-projects Hotel Managment System 1.0 allows SQL Injection via the 'pid' parameter in Hotel/admin/print.php?pid=2.
- CVE-2024-25316Feb 9, 2024risk 0.00cvss —epss 0.00
Code-projects Hotel Managment System 1.0 allows SQL Injection via the 'eid' parameter in Hotel/admin/usersettingdel.php?eid=2.
- CVE-2023-7075Dec 22, 2023risk 0.00cvss —epss 0.00
A vulnerability was found in code-projects Point of Sales and Inventory Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /main/checkout.php. The manipulation of the argument pt leads to cross site scripting.…
- CVE-2022-2292Jul 12, 2022risk 0.00cvss —epss 0.00
A vulnerability classified as problematic has been found in SourceCodester Hotel Management System 2.0. Affected is an unknown function of the file /ci_hms/massage_room/edit/1 of the component Room Edit Page. The manipulation of the argument massageroomDetails with the input…
- CVE-2022-2291Jul 12, 2022risk 0.00cvss —epss 0.00
A vulnerability was found in SourceCodester Hotel Management System 2.0. It has been rated as problematic. This issue affects some unknown processing of the file /ci_hms/search of the component Search. The manipulation of the argument search with the input…
- CVE-2021-44321Mar 4, 2022risk 0.00cvss —epss 0.00
Mini-Inventory-and-Sales-Management-System is affected by Cross Site Request Forgery (CSRF), where an attacker can update/delete items in the inventory. The attacker must be logged into the application create a malicious file for updating the inventory details and items.