A vulnerability, which was classified as critical, has been found in SourceCodester Online Flight Booking Management System. This issue affects some unknown processing of the file add_contestant.php. The manipulation of the argument add_contestant leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-218153 was assigned to this vulnerability.

The Rezgo Online Booking WordPress plugin before 4.1.8 does not sanitise and escape some parameters before outputting them back in a page, leading to a Reflected Cross-Site Scripting, which can be exploited either via a LFI in an AJAX action, or direct call to the affected file

A vulnerability was found in Rigatur Online Booking and Hotel Management System aff6409. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file login.php of the component POST Request Handler. The manipulation of the argument email/pass leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-205657 was assigned to this vulnerability.

A vulnerability was found in Online Hotel Booking System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file edit_room_cat.php of the component Room Handler. The manipulation of the argument roomname leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

A vulnerability has been found in Online Hotel Booking System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file edit_all_room.php of the component Room Handler. The manipulation of the argument id with the input 2828%27%20AND%20(SELECT%203766%20FROM%20(SELECT(SLEEP(5)))BmIK)%20AND%20%27YLPl%27=%27YLPl leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

A vulnerability classified as critical was found in Online Hotel Booking System Pro 1.2. Affected by this vulnerability is an unknown functionality of the file /roomtype-details.php. The manipulation of the argument tid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

A vulnerability classified as critical has been found in Online Hotel Booking System Pro Plugin 1.0. Affected is an unknown function of the file /front/roomtype-details.php. The manipulation of the argument tid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Online Car Wash Booking System v1.0 is vulnerable to SQL Injection via /ocwbs/classes/Master.php?f=get_vehicle_service.

Online Car Wash Booking System v1.0 is vulnerable to SQL Injection via /ocwbs/admin/services/view_service.php?id=.

Online Car Wash Booking System v1.0 by oretnom23 has SQL injection in /ocwbs/admin/services/manage_service.php?id=.