Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
Kashipara Hotel Management System v1.0 is vulnerable to Incorrect Access Control via /admin/users.php.
An Incorrect Access Control vulnerability was found in /admin/rooms.php in Kashipara Hotel Management System v1.0, which allows an unauthenticated attacker to view valid hotel room entries in administ
An Incorrect Access Control vulnerability was found in /admin/delete_room.php in Kashipara Hotel Management System v1.0, which allows an unauthenticated attacker to delete valid hotel room entries in
CVE-2024-42775
CRITICAL CVSS 9.1
Find Similar
An Incorrect Access Control vulnerability was found in /admin/add_room_controller.php in Kashipara Hotel Management System v1.0, which allows an unauthenticated attacker to add the valid hotel room en
CVE-2024-42773
CRITICAL CVSS 9.1
Find Similar
An Incorrect Access Control vulnerability was found in /admin/edit_room_controller.php in Kashipara Hotel Management System v1.0, which allows an unauthenticated attacker to edit the valid hotel room
Kashipara Hotel Management System v1.0 is vulnerable to Unrestricted File Upload RCE via /admin/add_room_controller.php.
Kashipara Music Management System v1.0 is vulnerable to Incorrect Access Control via /music/ajax.php?action=save_user.
Kashipara Bus Ticket Reservation System v1.0 0 is vulnerable to Incorrect Access Control via /deleteTicket.php.
An Incorrect Access Control vulnerability was found in /music/index.php?page=user_list and /music/index.php?page=edit_user in Kashipara Music Management System v1.0. This allows a low privileged attac
CVE-2024-40480
CRITICAL CVSS 9.8
Find Similar
A Broken Access Control vulnerability was found in /admin/update.php and /admin/dashboard.php in Kashipara Online Exam System v1.0, which allows remote unauthenticated attackers to view administrator
A vulnerability was found in code-projects Hotel Management System 1.0 and classified as problematic. This issue affects some unknown processing of the file hotelnew.c of the component Available Room
An Incorrect Access Control vulnerability was found in /music/view_user.php?id=3 and /music/controller.php?page=edit_user&id=3 in Kashipara Music Management System v1.0. This vulnerability allows an u
CVE-2024-50823
CRITICAL CVSS 9.8
Find Similar
A SQL Injection vulnerability was found in /admin/login.php in kashipara E-learning Management System Project 1.0 via the username and password parameters.
CVE-2024-54932
CRITICAL CVSS 9.8
Find Similar
Kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/delete_department.php.
SourceCodester Computer Laboratory Management System 1.0 is vulnerable to Incorrect Access Control. via /php-lms/admin/?page=user/list.
CVE-2024-42797
CRITICAL CVSS 9.8
Find Similar
An Incorrect Access Control vulnerability was found in /music/ajax.php?action=delete_playlist in Kashipara Music Management System v1.0. This vulnerability allows an unauthenticated attacker to delete
Sourcecodester Online Resort Management System v1.0 is vulnerable to SQL Injection in the file /orms/admin/rooms/manage_room.php.
An Incorrect Access Control vulnerability was found in /music/ajax.php?action=delete_genre in Kashipara Music Management System v1.0. This vulnerability allows an unauthenticated attacker to delete th
Page 1+ Next →