Hotels Server Project CVE

Filtered by vendor Hotels Server Project Subscribe

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2019-8393	1 Hotels Server Project	1 Hotels Server	2019-02-20	7.5 HIGH	9.8 CRITICAL
Hotels_Server through 2018-11-05 has SQL Injection via the API because the controller/api/login.php telephone parameter is mishandled.
CVE-2019-6497	1 Hotels Server Project	1 Hotels Server	2019-01-23	7.5 HIGH	9.8 CRITICAL
Hotels_Server through 2018-11-05 has SQL Injection via the controller/fetchpwd.php username parameter.

Vulnerabilities (CVE)