6.9
CVE-2025-6449 - code-projects Simple Online Hotel Reservation System checkout_query.php sql injection
A vulnerability was found in code-projects Simple Online Hotel Reservation System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/checkout_query.php. The manipulation of the argument transaction_id leads to sql injection. The attack may be lau…
6.9
CVE-2025-6448 - code-projects Simple Online Hotel Reservation System delete_room.php sql injection
A vulnerability has been found in code-projects Simple Online Hotel Reservation System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/delete_room.php. The manipulation of the argument room_id leads to sql injection. The attack can be la…
4.3
CVE-2025-52923 -
Sangfor aTrust through 2.4.10 allows users to modify the ExecStartPre command.
6.9
CVE-2025-6447 - code-projects Simple Online Hotel Reservation System index.php sql injection
A vulnerability, which was classified as critical, was found in code-projects Simple Online Hotel Reservation System 1.0. Affected is an unknown function of the file /admin/index.php. The manipulation of the argument Username leads to sql injection. It is possible to launch the attack remotely. The…
6.9
CVE-2025-6446 - code-projects Client Details System index.php sql injection
A vulnerability, which was classified as critical, has been found in code-projects Client Details System 1.0. This issue affects some unknown processing of the file /clientdetails/admin/index.php. The manipulation of the argument Username leads to sql injection. The attack may be initiated remotely…
5.3
CVE-2025-6422 - Campcodes Online Recruitment Management System About Content Page ajax.php unrestricted upload
A vulnerability classified as critical was found in Campcodes Online Recruitment Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/ajax.php?action=save_settings of the component About Content Page. The manipulation of the argument img leads to unre…
6.9
CVE-2025-6421 - code-projects Simple Online Hotel Reservation System add_account.php sql injection
A vulnerability was found in code-projects Simple Online Hotel Reservation System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/add_account.php. The manipulation of the argument name/admin_id leads to sql injection. The attack may be initiated rem…
9.3
CVE-2025-1987 - Stored XSS in Psono-Client via Malicious Vault Entry URLs
A Cross-Site Scripting (XSS) vulnerability has been identified in Psono-Client’s handling of vault entries of type website_password and bookmark, as used in Bitdefender SecurePass. The client does not properly sanitize the URL field in these entries. As a result, an attacker can craft a malicious v…
6.9
CVE-2025-6420 - code-projects Simple Online Hotel Reservation System add_room.php sql injection
A vulnerability was found in code-projects Simple Online Hotel Reservation System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/add_room.php. The manipulation of the argument room_type leads to sql injection. The attack can be initiated remotely. …
6.9
CVE-2025-6419 - code-projects Simple Online Hotel Reservation System edit_room.php sql injection
A vulnerability was found in code-projects Simple Online Hotel Reservation System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/edit_room.php. The manipulation of the argument room_type leads to sql injection. It is possible to initiate the attack remotely…