An issue was discovered in the bestsoftinc Car Rental System plugin through 1.3 for WordPress. Persistent XSS can occur via any of the registration fields.
Max CVSS
6.1
EPSS Score
0.21%
Published
2020-07-05
Updated
2020-07-08
A vulnerability classified as critical was found in Online Hotel Booking System Pro 1.2. Affected by this vulnerability is an unknown functionality of the file /roomtype-details.php. The manipulation of the argument tid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Max CVSS
9.8
EPSS Score
0.39%
Published
2022-06-30
Updated
2022-07-08
A vulnerability classified as critical has been found in Online Hotel Booking System Pro Plugin 1.0. Affected is an unknown function of the file /front/roomtype-details.php. The manipulation of the argument tid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Max CVSS
8.8
EPSS Score
0.14%
Published
2022-06-30
Updated
2022-07-08
Cross-site scripting (XSS) vulnerability in booking_details.php in Best Soft Inc. (BSI) Advance Hotel Booking System 2.0 allows remote attackers to inject arbitrary web script or HTML via the title parameter.
Max CVSS
4.3
EPSS Score
0.21%
Published
2014-06-11
Updated
2019-08-12
SQL injection vulnerability in index1.php in Best Soft Inc. (BSI) Advance Hotel Booking System 1.0 allows remote attackers to execute arbitrary SQL commands via the page parameter.
Max CVSS
7.5
EPSS Score
0.06%
Published
2011-07-08
Updated
2017-08-29
5 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!