cgpandey hotelmis HTTP GET Request admin.php cross site scripting

July 18, 2025 invoker category_cve

CVE Details

Basic Information

Title cgpandey hotelmis HTTP GET Request admin.php cross site scripting
Type cve
Published 2025-07-18T18:32:04.603Z
Modified 2025-07-18T18:42:59.191Z

Product Information

Vendor cgpandey
Product hotelmis
Version c572198e6c4780fccc63b1d3e8f3f72f825fc94e

CVSS Information

Base Score 5.1 (MEDIUM)
Attack Vector CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X

Affected Products

  • cgpandey hotelmis c572198e6c4780fccc63b1d3e8f3f72f825fc94e

Additional Information

CWE List CWE-79, CWE-94
Source VulDB

Description

A vulnerability classified as problematic was found in cgpandey hotelmis up to c572198e6c4780fccc63b1d3e8f3f72f825fc94e. This vulnerability affects unknown code of the file admin.php of the component HTTP GET Request Handler. The manipulation of the argument Search leads to cross site scripting. The attack can be initiated remotely. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available.

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.