Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hotels server vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2021-33948
SQL injection vulnerability in FantasticLBP Hotels Server v1.0 allows malicious user to execute arbitrary code via the username parameter.
Hotels Server Project Hotels Server 1.0
383
VMScore
CVE-2020-18102
Cross Site Scripting (XSS) in Hotels_Server v1.0 allows remote malicious users to execute arbitrary code by injecting crafted commands the data fields in the component "/controller/publishHotel.php".
Hotels Server Project Hotels Server 1.0
231
VMScore
CVE-2020-26230
Radar COVID is the official COVID-19 exposure notification app for Spain. In affected versions of Radar COVID, identification and de-anonymization of COVID-19 positive users that upload Radar COVID TEKs to the Radar COVID server is possible. This vulnerability enables the identif...
Radarcovid Radar-covid-backend-dp3t-server
Radarcovid Radarcovid
668
VMScore
CVE-2019-8393
Hotels_Server through 2018-11-05 has SQL Injection via the API because the controller/api/login.php telephone parameter is mishandled.
Hotels Server Project Hotels Server
445
VMScore
CVE-2019-7648
controller/fetchpwd.php and controller/doAction.php in Hotels_Server through 2018-11-05 rely on base64 in an attempt to protect password storage.
Hotels Server Project Hotels Server
668
VMScore
CVE-2019-6497
Hotels_Server through 2018-11-05 has SQL Injection via the controller/fetchpwd.php username parameter.
Hotels Server Project Hotels Server
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started