Page 18 of 118 results (0.004 seconds)

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1

A vulnerability classified as critical has been found in itsourcecode Monbela Tourist Inn Online Reservation System up to 1.0. Affected is an unknown function of the file controller.php. The manipulation of the argument image leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/wangyuan-ui/CVE/issues/4 https://vuldb.com/?ctiid.268866 https://vuldb.com/?id.268866 https://vuldb.com/?submit.358995 • CWE-434: Unrestricted Upload of File with Dangerous Type •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1

A vulnerability classified as critical was found in itsourcecode Pool of Bethesda Online Reservation System 1.0. This vulnerability affects unknown code of the file index.php. The manipulation of the argument log_email leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/wangyuan-ui/CVE/issues/2 https://vuldb.com/?ctiid.268858 https://vuldb.com/?id.268858 https://vuldb.com/?submit.358990 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1

A vulnerability classified as critical has been found in itsourcecode Pool of Bethesda Online Reservation System 1.0. This affects an unknown part of the file login.php. The manipulation of the argument email leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/wangyuan-ui/CVE/issues/1 https://vuldb.com/?ctiid.268857 https://vuldb.com/?id.268857 https://vuldb.com/?submit.358988 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1

A vulnerability was found in itsourcecode Magbanua Beach Resort Online Reservation System up to 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file controller.php. The manipulation of the argument image leads to unrestricted upload. The attack may be launched remotely. • https://github.com/Laster-dev/CVE/issues/1 https://vuldb.com/?ctiid.268856 https://vuldb.com/?id.268856 https://vuldb.com/?submit.358592 • CWE-434: Unrestricted Upload of File with Dangerous Type •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1

A vulnerability was found in itsourcecode Tailoring Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file addmeasurement.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. • https://github.com/PHJ-doit/cve/issues/1 https://vuldb.com/?ctiid.268855 https://vuldb.com/?id.268855 https://vuldb.com/?submit.358590 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •