Filtered by vendor Nikhil-bhalerao
Subscribe
Filtered by product Hotel And Lodge Management System
Subscribe
Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-11470 | 1 Nikhil-bhalerao | 1 Hotel And Lodge Management System | 2025-10-08 | 5.8 MEDIUM | 4.7 MEDIUM |
| A security vulnerability has been detected in SourceCodester Hotel and Lodge Management System up to 1.0. The impacted element is an unknown function of the file /manage_website.php. The manipulation of the argument website_image/back_login_image leads to unrestricted upload. The attack is possible to be carried out remotely. The exploit has been disclosed publicly and may be used. | |||||
| CVE-2025-11471 | 1 Nikhil-bhalerao | 1 Hotel And Lodge Management System | 2025-10-08 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability was detected in SourceCodester Hotel and Lodge Management System 1.0. This affects an unknown function of the file /edit_customer.php. The manipulation of the argument ID results in sql injection. The attack may be performed from remote. The exploit is now public and may be used. | |||||
| CVE-2025-11472 | 1 Nikhil-bhalerao | 1 Hotel And Lodge Management System | 2025-10-08 | 7.5 HIGH | 7.3 HIGH |
| A flaw has been found in SourceCodester Hotel and Lodge Management System 1.0. This impacts an unknown function of the file /edit_room.php. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been published and may be used. | |||||
| CVE-2025-11473 | 1 Nikhil-bhalerao | 1 Hotel And Lodge Management System | 2025-10-08 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability has been found in SourceCodester Hotel and Lodge Management System 1.0. Affected is an unknown function of the file /edit_curr.php. Such manipulation of the argument currsymbol leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-11474 | 1 Nikhil-bhalerao | 1 Hotel And Lodge Management System | 2025-10-08 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability was found in SourceCodester Hotel and Lodge Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /edit_booking.php. Performing manipulation of the argument Name results in sql injection. The attack can be initiated remotely. The exploit has been made public and could be used. | |||||