Search Results | AttackerKB

Show filters

Topics 13 Users 9,713

Clear All

Disclosure Date

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

13 Total Results

Displaying 11-13 of 13

Attacker Value

Unknown

CVE-2022-28110

Disclosure Date: May 10, 2022 (last updated February 23, 2025)

Hotel Management System v1.0 was discovered to contain a SQL injection vulnerability via the username parameter at the login page.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2022-27475

Disclosure Date: April 13, 2022 (last updated February 23, 2025)

Cross site scripting (XSS) vulnerability in tramyardg hotel-mgmt-system, allows attackers to execute arbitrary code when when /admin.php is loaded.

Attack Vector: Network Privileges: None User Interaction: Required

0

Attacker Value

Unknown

CVE-2019-18387

Disclosure Date: October 23, 2019 (last updated November 27, 2024)

Sourcecodester Hotel and Lodge Management System 1.0 is vulnerable to unauthenticated SQL injection and can allow remote attackers to execute arbitrary SQL commands via the id parameter to the edit page for Customer, Room, Currency, Room Booking Details, or Tax Details.

Attack Vector: Network Privileges: None User Interaction: None

0